Debugging is an important part of the software development process that helps developers write more reliable code. There are several tools available for debugging .NET applications, including Visual Studio and Debugging Tools for Windows. Some basic debugging tasks involve setting breakpoints, stepping through code, examining variables and call stacks, and understanding memory usage and threads. Postmortem debugging techniques like dump file analysis can help debug problems that occur in production environments where live debugging is not possible.
For More :
https://www.facebook.com/Computer-Programming-Assignments-826290177441561/
-
https://www.facebook.com/A-Tech-and-Software-Development-1683037138630673/
Android applications are an interesting target for
reverse engineering. They are written in Java, which is tradi-
tionally good to decompile and are executed by Google’s custom
Java virtual machine, making them interesting to study. In this
paper we present the basic methods and approaches as well as
the necessary tools to reverse engineer Android applications. We
discuss how to change Android applications and show alternative
approaches including man-in-the-middle attacks and automation.
For More :
https://www.facebook.com/Computer-Programming-Assignments-826290177441561/
-
https://www.facebook.com/A-Tech-and-Software-Development-1683037138630673/
Android applications are an interesting target for
reverse engineering. They are written in Java, which is tradi-
tionally good to decompile and are executed by Google’s custom
Java virtual machine, making them interesting to study. In this
paper we present the basic methods and approaches as well as
the necessary tools to reverse engineer Android applications. We
discuss how to change Android applications and show alternative
approaches including man-in-the-middle attacks and automation.
Captain Hook: Pirating AVs to Bypass Exploit MitigationsenSilo
In this talk we reveal six(!) different security issues that we uncovered in various hooking engines. The vulnerabilities we found enable a threat actor to bypass the security measures of the underlying operating system. As we uncovered the vulnerabilities one-by-one we found them to impact commercial engines, such as Microsoft’s Detours, open source engines such as EasyHook and proprietary engines such as those belonging to TrendMicro, Symantec, Kaspersky and about twenty others.
Deep Dive into WinRT - discover how the Windows Runtime is based on COM, how asynchronous operations work, how language projections enable access from a variety of languages, and what performance considerations are relevant for interoperability.
I have tried to present maximum detail on android booting sequence in a very abstract way. I hope it would be useful. If you find any correction needed please mention it on comments. Happy Coding :)
This presentation for the Accessibility Camp Bay Area introduces the new accessibility features of iOS7 and how they can be used for mobile developers. It also highlights key elements of the iOS 7.1 release that can affect accessibility. This is similar to a presentation I gave at Mobile+Web conference,http://www.slideshare.net/7mary4/ios7-accessibilitypdf, but doesn't need to introduce accessibility. The presentation is also meant to be more conversational.
With growth in app market it is essential to guard our android apps against possible threats, in this presentation we will walk through various tools and techniques which some one can use to reverse engineer an android app, we will see how some one can get access to APP DB, CODE, API, PREFERENCES.
We will also see different tools and techniques to guard our app against possible threats from code obfuscation with tools like dexgaurd to newer methods like verification of api calls using google play services.
This session was taken in Barcamp 13 bangalore http://barcampbangalore.org/bcb/bcb13/reverse-engineering-an-android-app-securing-your-android-apps-against-attacks
and bangalore android user group meetup Jan meetup http://www.meetup.com/blrdroid/events/100360682/
During one of my personal projects I decided to study the internals of Android and the potential of altering the Dalvik VM (e.g. Xposed framework and Cydia) and application behaviour. Not going into detail about runtime hooking of constructors and classes like these two tools provide, I also explored the possibility of reverse engineering and modifying existing applications.
In the web you can find multiple tutorials on Android reverse engineering of applications but not many that do it with real applications that are often subject to obfuscation or with complex execution flows. So in order to learn I decided to pick a common application such as Skype and do the following:
decompile it
study contents and completely remove some functionality (e.g. ads)
change some resources (not described in presentation bellow)
recompile, sign and install.
Used tools include :
apktool – for (de)compiling android applications
jarsigner – for signing android applications
xposed – for intercepting runtime execution flow (will make public in future)
The following presentation describes the steps taken in order to completely remove the ads from skype. This includes any computation or data plan usage the ads consume. Please note the disclaimer of the presentation as this information is for educational purposes only.
Check my website : www.marioalmeida.eu
I have created this slide deck originally for the dotnet Cologne conference in Mai 2012. It is not a marketing- or design-related session about metro-style apps. It concentrates on the basic technology of WinRT instead.
The session starts with describing the evolution from COM over .NET to WinRT. Based on this is shows WinRT in C++, .NET and JavaScript.
(Presentation at HITcon 2011) This talk introduces how to do Android application reverse engineering by real example. And, it covers the advanced topics like optimized DEX and JNI.
.NET Conf 2019 Tel-Aviv Israel
There are cases where bugs are discovered only after the product is shipped and used by the end-users. The main reason for these bugs that appear only in the production environment is the use of real user scenarios with real user data. Production debugging is about solving customer-facing issues that aren't easily reproducible in the development or testing environments. When it comes to a cloud-hosted application, production debugging becomes even harder. The code is running on multiple hosts, a business flow can span many services. A remote debugging session with the cloud is dangerous and may introduce side effects to the currently running software, such as performance degradation, interruption of service, and data correctness issues.
In this lecture, we will see how we can remote debug our cloud staging environment, and how we can use Visual Studio Snapshot debugger to set Snapshots and Log points in our production environment.
To get even more insights, the audience will see a revolutionary tool and approach for a collaborative production debugging – OzCode Debugging as a Service (DaaS), where the DevOps and the Dev team can solve production problems together!
You will learn:
1. The difficulties of debugging a modern cloud-hosted application
2. Methods and tools for capturing the state and debugging cloud-hosted services
Captain Hook: Pirating AVs to Bypass Exploit MitigationsenSilo
In this talk we reveal six(!) different security issues that we uncovered in various hooking engines. The vulnerabilities we found enable a threat actor to bypass the security measures of the underlying operating system. As we uncovered the vulnerabilities one-by-one we found them to impact commercial engines, such as Microsoft’s Detours, open source engines such as EasyHook and proprietary engines such as those belonging to TrendMicro, Symantec, Kaspersky and about twenty others.
Deep Dive into WinRT - discover how the Windows Runtime is based on COM, how asynchronous operations work, how language projections enable access from a variety of languages, and what performance considerations are relevant for interoperability.
I have tried to present maximum detail on android booting sequence in a very abstract way. I hope it would be useful. If you find any correction needed please mention it on comments. Happy Coding :)
This presentation for the Accessibility Camp Bay Area introduces the new accessibility features of iOS7 and how they can be used for mobile developers. It also highlights key elements of the iOS 7.1 release that can affect accessibility. This is similar to a presentation I gave at Mobile+Web conference,http://www.slideshare.net/7mary4/ios7-accessibilitypdf, but doesn't need to introduce accessibility. The presentation is also meant to be more conversational.
With growth in app market it is essential to guard our android apps against possible threats, in this presentation we will walk through various tools and techniques which some one can use to reverse engineer an android app, we will see how some one can get access to APP DB, CODE, API, PREFERENCES.
We will also see different tools and techniques to guard our app against possible threats from code obfuscation with tools like dexgaurd to newer methods like verification of api calls using google play services.
This session was taken in Barcamp 13 bangalore http://barcampbangalore.org/bcb/bcb13/reverse-engineering-an-android-app-securing-your-android-apps-against-attacks
and bangalore android user group meetup Jan meetup http://www.meetup.com/blrdroid/events/100360682/
During one of my personal projects I decided to study the internals of Android and the potential of altering the Dalvik VM (e.g. Xposed framework and Cydia) and application behaviour. Not going into detail about runtime hooking of constructors and classes like these two tools provide, I also explored the possibility of reverse engineering and modifying existing applications.
In the web you can find multiple tutorials on Android reverse engineering of applications but not many that do it with real applications that are often subject to obfuscation or with complex execution flows. So in order to learn I decided to pick a common application such as Skype and do the following:
decompile it
study contents and completely remove some functionality (e.g. ads)
change some resources (not described in presentation bellow)
recompile, sign and install.
Used tools include :
apktool – for (de)compiling android applications
jarsigner – for signing android applications
xposed – for intercepting runtime execution flow (will make public in future)
The following presentation describes the steps taken in order to completely remove the ads from skype. This includes any computation or data plan usage the ads consume. Please note the disclaimer of the presentation as this information is for educational purposes only.
Check my website : www.marioalmeida.eu
I have created this slide deck originally for the dotnet Cologne conference in Mai 2012. It is not a marketing- or design-related session about metro-style apps. It concentrates on the basic technology of WinRT instead.
The session starts with describing the evolution from COM over .NET to WinRT. Based on this is shows WinRT in C++, .NET and JavaScript.
(Presentation at HITcon 2011) This talk introduces how to do Android application reverse engineering by real example. And, it covers the advanced topics like optimized DEX and JNI.
.NET Conf 2019 Tel-Aviv Israel
There are cases where bugs are discovered only after the product is shipped and used by the end-users. The main reason for these bugs that appear only in the production environment is the use of real user scenarios with real user data. Production debugging is about solving customer-facing issues that aren't easily reproducible in the development or testing environments. When it comes to a cloud-hosted application, production debugging becomes even harder. The code is running on multiple hosts, a business flow can span many services. A remote debugging session with the cloud is dangerous and may introduce side effects to the currently running software, such as performance degradation, interruption of service, and data correctness issues.
In this lecture, we will see how we can remote debug our cloud staging environment, and how we can use Visual Studio Snapshot debugger to set Snapshots and Log points in our production environment.
To get even more insights, the audience will see a revolutionary tool and approach for a collaborative production debugging – OzCode Debugging as a Service (DaaS), where the DevOps and the Dev team can solve production problems together!
You will learn:
1. The difficulties of debugging a modern cloud-hosted application
2. Methods and tools for capturing the state and debugging cloud-hosted services
asp.net using c# notes sem 5 ( we-it tutorials ).
Review of .NET frameworks, Introduction to C#, Variables and expressions, flow controls, functions, debugging and error handling, OOPs with C#, Defining classes and class members.
Assembly, Components of Assembly, Private and Shared Assembly, Garbage Collector, JIT compiler. Namespaces Collections, Delegates and Events. Introduction to ASP.NET 4: Microsoft.NET framework, ASP.NET lifecycle. CSS: Need of CSS, Introduction to CSS, Working with CSS with visual developer.
ASP.NET server controls: Introduction, How to work with button controls, Textboxes, Labels, checkboxes and radio buttons, list controls and other web server controls, web.config and global.asax files. Programming ASP.NET web pages: Introduction, data types and variables, statements, organizing code, object oriented basics.
Validation Control: Introduction, basic validation controls, validation techniques, using advanced validation controls. State Management: Using view state, using session state, using application state, using cookies and URL encoding. Master Pages: Creating master pages, content pages, nesting master pages, accessing master page controls from a content page. Navigation: Introduction to use the site navigation, using site navigation controls.
Databases: Introduction, using SQL data sources, GridView Control, DetailsView and FormView Controls, ListView and DataPager controls, Using object datasources. ASP.NET Security: Authentication, Authorization, Impersonation, ASP.NET provider model
LINQ: Operators, implementations, LINQ to objects,XML,ADO.NET, Query Syntax. ASP.NET Ajax: Introducing AJAX, Working of AJAX, Using ASP.NET AJAX
server controls. JQuery: Introduction to JQuery, JQuery UI Library, Working of JQuery
Serverless architectures: APIs, Serverless Functions, Microservices - How to ...Bala Subra
Do you have the next best idea? How will you quickly migrate a legacy feature to new world for almost free? This talk will give you how to architect and implement your scenario for a cloud-oriented solution. We will share the best practices for storing your state in database; ways to decouple by events and suggested patterns for serverless. You will be equipped with taking advantage of low-cost serverless computing in a secure way and how to minimize operational costs. It will mostly focus AWS offerings like Serverless Aurora, API Gateway and Lambda functions for solutions blueprint
How do you improve the Config Model? Where to use Windows Server AppFabric? How to provide a RoutingService in the Framework? How to enable dynamic apps with Discovery?
How to find out production issues? Where to look for errors when application crashes in live environment? How to Visual Studio 2010 for replicating post mortem scenarios in difficult to reproduce errors? Using Source server, PDB symbols in old fashioned way for new age WCF services.
Basics & Intro to SQL Server Reporting Services: Sql Server Ssrs 2008 R2Bala Subra
How to use SQL Server 2008 R2 reporting services instead of ASP.NET for every data presentation problems? Where SSRS is superior to raw SQL? How it helps QA to automate their test cases?
Denny Lee\'s Data Camp v1.0 talk on SSRS Best Practices for ITBala Subra
Building and Deploying Large Scale SQL Server Reporting Services Environments Technical Note:
* Report Catalog sizing
* The benefits of File System snapshots for SSRS 2005
* Why File System snapshots may not help for SSRS 2008
* Using Cache Execution
* Load Balancing your Network
* Isolate your workloads
* Report Data Performance Considerations
BizTalk 2010 with Appfabric Hosting in the Cloud: WCF Services vs BT2010Bala Subra
How do you decide which Appfabric offering to use? When to prefer WCF services vs BizTalk solution? How to get the best performance with horizontal scaling in SOA?
How to ace your .NET technical interview :: .Net Technical Check TuneupBala Subra
This session is just not a brain dump of a technical interview on Microsoft technologies. It will be refresher on various pieces of the .NET, Database, OO, Process world. It will serve as a caution for interviewers to red flag their questions which are circulated on the webdom. For all the inquisitive and MCP certified brains, this will serve as a ‘whodunnit’ challenge. It will be a useful reference for the rest of us. The talk is divided into four sections. We will cover the typical BrainBench type questions to start with. Then we will attack the common problems encountered on the field and ideal solution paths to each of them. Third part will be about architectural trade-offs and ‘it depends’ scenarios. Finally, there will be discussion on best practices, books needed for interview preparation and open Q&A among the participants.
This session is for you if you want to learn tips and techniques that are used to optimize database development with special emphasis on SQL Server 2005. If you write lot of stored procedures and want to learn the tools of a DBA, this is the session for you. If you are new to SQL Server development environment, you will learn how the various constructs compare to each other and better performance can be produced every time with a brief introduction to understanding Execution Plans.
Generate reports with SSRS - SQL Server Reporting Services: This session will be a cornucopia of three sub-sessions. The first part will be to convince the skeptics. Why does every organization should consider SQL Server Reporting as part of its front-end solution? What will SSRS do better than a typical web application/site or a client-server application? The second portion will be a quick demo of the possibility and will be the shortest. The final part will talk about the best practices, tips from the field and will cover the implementation techniques.
15. VS Debugger Architecture VSDebug Package SDM CPDE (Managed) NatDbgDE (Native) Your Engine Here Your EE Here http://msdn.microsoft.com/en-us/library/bb161718.aspx
49. Windows Memory Architecture Application Virtual Memory Manager Heap Manager Default Process Heap C Runtime Heap Other Heaps
50. Heap Block Structure Current Size Previous Size Seg Index Flags Unused Tag Index Pre-allocation Metadata Post-allocation Metadata User accessible part Pre-allocation Metadata Suffix Bytes Fill Area (debug) Heap Extra Post-allocation Metadata User accessible part User accessible part
51.
52.
53.
54. Windows Error Reporting (WER) Architecture Error Sent Dr. Watson Process Crash Crash data over HTTPS Fault response over HTTPS Windows Error Reporting Service ISV Query Fault Data
Code reviews and Tracing are the old techniques to find out issues with the code. Unit Testing is the current mantra. But, the good old native debuggers are the way to resolve multi-process, multi-machine server applications. We will chat about using SOS, MDA, Windows Performance Monitors, CLR Profilers and NTSD with zero footprint & no config changes to production environment. The Visual Studio Debugger provides a slew of features that make the task of debugging both easier and more efficient. Learn about time-saving tips and tricks for all versions of the Visual Studio Debugger, including the new debugger features in Visual Studio 2010. Hear about the new mixed-mode debugging feature, the breakpoints window enhancements, the new WPF visualizes, and a number of other features. Also learn about thread debugging enhancements, new features for making stepping into properties easier, and more. Join us as we crack open the toolbox and walk through some of the debugger's best practices. Focus on powerful native debugging tools including WinDBG, NTSD, and CDB. introduce key concepts needed to successfully use .NET’s native debuggers. Next, turn to more sophisticated debugging techniques, using real-world examples that demonstrate many common C# programming errors. For developers who want a deeper understanding of how .NET works, to gain the necessary tools and use them to debug and solve real world problems that cannot be fixed with regular debuggers.
A defect that costs $1 to fix on the programmer’s desktop costs $100 to fix once it is incorporated into a complete program and many thousands of dollars if it is identified only after the software has been deployed in the field. (Building a Better Bug Trap – The Economist June 2003) Static Analysis can reduce defects by up to a factor of six! (Capers Jones, Software Productivity Group)
Compile-time analysis of the source program like code inspection, but performed by a tool Looks for violations of well-defined constraints procedure contracts Examples of bugs to be found by Static Analysis IoCompleteRequest(p) requires p to be non-NULL: p = NULL ; … ; IoCompleteRequest(p); Completing the same task twice when NOT needed: IoCompleteRequest (Irp); … IoCompleteRequest (Irp);
Static Analysis does 2 Things: Finds a defect - without testing Reveals the path - without debugging Path Coverage One test case covers only one path in the driver The path remains unrevealed if no defect found 100 test cases cover < 100 paths? More test cases -> more duplication How many paths remain untested? How long would it take to test all of them? When are you done? Longer than you can afford! Time to market? 100% Coverage In minutes or hours, not weeks or months Employing Computer, not a Test Engineer Targeting a large set of potential violations
1: Introduction to .NET Debugging. Explains the differences between Unmanaged (native) and managed (.NET) debugging, and explore the tools required for successful debugging. 2: CLR Fundamentals. Explores the physical layout of a managed assembly, the native CLR structural hierarchy, managed objects, and the role that JIT compilation plays in managed execution. 3: .NET Memory Management. Examines .NET memory management including the Garbage Collector (GC) and Finalizers. 4: Troubleshooting Hangs. Defines, parses, and troubleshoots “hang” scenarios in WinForms and ASP.NET applications. 5: Troubleshooting Exceptions. Dives into the different types of exceptions, including those that go unhandled in WinForms and ASP.NET applications. 6: Additional Debugging Tools. Reviews additional tools and debugging scenarios.
Dbgrsv.exe, kdsrv.exe, dbengprx.exe Debugger protocol remoting tools Discussed later as part of debugger remoting Security Audit Debugging
Nothing magic; Understand the code and its underlying illusions
Inspire of code auditors, reviews, FxCop... Impossible Business side of things
For example: Compiler will not catch an un-initialized pointer but you WILL get a run-time error if you try to use it! Some simple programming techniques * To improve diagnosability of your code * To help support folks get more out of the crash dumps * To enable them determine root cause of an issue from a single crash dump * So they don’t have to ask the customer to reproduce the problem again to get them yet another crash dump Debugging should be data centric not code centric * Especially TRUE for a crash dump * No execution and no execution control * All you have is snapshot of data structures to examine
Kdbgctrl.exe Tool to configure the kernel’s debugging options Run it on the target machine Change behavior of DbgPrint, user mode int 3, DbgPrint buffer size, etc.
http://blogs.msdn.com/jacdavis/archive/2008/02/20/new-debug-engine-sample.aspx he Visual Studio Debugger is split up architecturally into a few pieces: 1) The debugger UI: the windows and commands the user actually interacts with. A good example of this is the watch window or the little red circle that appears in the text editor as a breakpoint. 2) The SDM (session debug manager): “ A debug engine multiplexer” Admittedly, that’s a confusing explanation. Essentially, the SDM’s job to combine all of the events and commands for the various debug engines into one unified stream for the UI. The debugger UI only displays one ”view” of what is being debugged at a time. Even if the user is debugging multiple processes or threads, they are only looking at one of them. 3) Debug Engines – the components that perform the actual debugging of a debuggee. For instance, a native debug engine would be responsible for debugging native win32 applications. A script debug engine would be responsible for debugging jscript or vbscript. A CLR debug engine would be responsible for debugging .Net applications running on the CLR. A hypothetical Perl engine could be responsible for debugging Perl… and on and on Visual Studio Debug Engines implement and interact with a set of interfaces called AD7 which stands for Active Debugging 7. AD7 is publically documented here: http://msdn2.microsoft.com/en-us/library/bb147088.aspx
symproxy: a symbol server request proxy Similar to a web server proxy Allows local caching to reduce load on primary server Putting a proxy on a bridge server allows symsrv requests to cross network boundaries agestore: a new tool to manage local caches Simple aging and cleanup of locally-stored files
Use Right click on Module: “Symbol Load Information” to find out where we looked
16 Megs in today's world of .NET framework Production machines can't hv Visual Studio; not updated with latest patches Operations team is diff from dev primarily used for managed code debugging Diff between them WinDBG is not console based; GUI; step through etc NTSD & CDB are console based Security team; Windows HEAT team etc hv written plugins; etc capabilities Ability to write debugging extensions for our programs/projects/products
64 or which architecture? SDK is also available for developing our own extensions Debugger Extensions Dump or analyze complex data structures !process, !devnode, !poolval Leverages the type information from the PDB file Simplify routine tasks !analyze Automate repetitive steps Regularly check state of certain objects Fully control the state of the target Can write a mini-debugger using the extension APIs When Should You Write One? Any task that is repetitive can be sped up by developing an extension Allows other people (testers) to help with basic debugging Can help identify common problems quickly To dump internal data structures in a custom readable format Avoid writing extensions when: Code is still fluctuating a lot Extension must match the code being debugged
Analysis Step 1 Use bugcheck or exception parameters to extract basic information Each condition is processed by a separate routine that understands the meaning of each parameter If specific follow-up or faulting code is found, report results Save trap frame, context recording, faulting thread, etc. Analysis Step TWO Use information in step one to get faulting stack Scan the stack for special functions such as Trap0E or UnhandledExceptionFilter to find alternate stack Analyze frames on the final stack to determine most likely culprit Different weights are assigned to routines Internal kernel routines have lowest weight Device drivers have highest weight Fine grain control provided by triage.ini Highest weight frame found on the stack is treated as the culprit Analysis Step Three If stack does not yield an interesting frame, analyze raw stack data Iterate on all stack values using the same weight algorithm The ‘dps’ command will show that output This finds code that corrupts the stack Analysis Step Four Check for presence of memory or pool corrupting drivers Check for corrupted code streams Bad RAM Check for other possible problems, such as invalid call sequences Possible CPU problem Analysis Step Five Generate final bucket ID and follow-up based on all gathered information Determine which fields need to be embedded in the bucket ID !analyze assigns ownership of failure
Use Task manager; Get Process ID (TList) Start the app; instead of attaching to already existing Example of Windows NT Heat dependent process; additional information is filled in the blocks. Not Release debugging; So, Debug version is ran
show diff between -p (more dlls loaded) and starting manually
http://blogs.msdn.com/jacdavis/archive/2006/08/25/using-sos-in-visual-studio.aspx http://http/www.microsoft.com/whdc/devtools/debugging/default.mspx http://msdn.microsoft.com/msdnmag/issues/03/06/Bugslayer/default.aspx How do you go about using SOS in VS? Well first, you have to have the native debugging engine enabled. This is because SOS examines the CLR data structures from the debugger process so it must have access to the native address space. To do this from a console application project or winforms project, right mouse click on the project in solution explorer, choose properties, switch to the Debug tab, and make sure &quot;Enable Unmanaged Code Debugging&quot; is selected. With that done, close the property page add a breakpoint somewhere in your project, and hit F5. Once you've hit your breakpoint, the real fun begins. 1) Open the Immediate window (Debug->Windows->Immediate) 2) Type &quot;.load C:\\windows\\Microsoft.NET\\Framework\\v2.0.50727\\sos.dll&quot; and hit enter (you may need to change the path to point to a different location on your machine). The immediate window should respond by saying &quot;extension C:\\windows\\Microsoft.NET\\Framework\\v2.0.50727\\sos.dll loaded&quot; 3) Type &quot;!help&quot; sos should dump its help contents to the immediate window. It is now ready to use.
Symbols are extremely important when debugging native code While managed code are not so much important Source code lines are not present Proprietary information Run tool to strip all Private symbol Publish public symbol files For own symbol files instead of Microsoft refresh the symbol files
03Simple.exe demo for Symbols start with ntsd instead of attaching ntsd 03simple.exe .sysmfix .sympath+ c:\\ .reload
Collect all binary files into a Single Location Essential for library vendors Use them from a share (Private symbols) Publish the symbols on a HTTP server (public) Publish the symbols on a Secure HTTP server (Private) Works with other Tools (Process Monitor, profiler) SourceServer is an alternate stream into Private Symbol PDBs Contains information to retrieve the source file from the Source revision control system
CLR manages thread differently than Windows Native debuggers don't hv much idea abt Managed Code SO CLR understanding debuggers Threads getting deadlocked kind of scenarios
Demo ntsd 03simple.exe g ctrl + C .sysmfix .reload .loadby sos mscorwks !help !help Threads
Multi-threading is easy but tricky Hash code of the objects Lock info how many bytes long? 4 or 8 Deadlock issues 200 Threads waiting Instead of going one by one on each of the 200 Execute and get everything for each thread running
Run the app - start from cmd 06deadblock.exe TList ntsd -p processID .symfix .reload .loadby sos mscorwks ~*e!ClrStack ~0S (ZEROTH thread) !Dumpstack ~3s !DumpStack Use Syncblock to find out more info !SyncBlk Who is holding locks? Actual object which is holding? Address of the object !do !do on the object open the source code SOSex has the DumpObject command
No memory leaks Just new No need to delete in destructor Statistical summary - how many instances Type etc Specify address of the object Size, type etc 2 things Does not hv any references for it ?? Is it eligible for GC If not, who has references for it? (Native resources not getting freed up) Instead of GCRoot - Visual graph Whole lot easier Link to video
03simple.exe .sysmfix - set symbols .reload g ctrl + C load sos dump heap Address of the object - size of the object --- 327 objects Last part - stats 135 instances system.string - how much does it occupy dumpheap -type system.string (filtered on type) Pick an address of size 80 !do on its address !GCRoot on its address No references So it will be cleaned up on next GC Useful - why the reference is held? Who holds it etc
Live process is stopped; resumed; break into debugging We controlled the execution Services running in the cloud (credit card transactions) 1000s of requests coming each second Service will be down costs millions of $$ lost Always try to get Full memory dump Otherwise becomes difficult to execute all cmds
Automatic way vs .dump command Monitor with conditions for symptoms, problems - ADPLUS Win Error Reporting - Service based solutions version1 is getting used Diff flavors of windows Take the binaries of the product When the crash happens, anywhere Something bad happens at customer site Do you like to report this problem? Windows error reporting will create new entry Forward it to you/Download all the crash data Produce the fix Close the loop with customer Send it up to MS Register the response? - sorry for the inconvenience Take action on your issues Free of cost 3000+ companies signed up Client issues resolved as conditional maintenance
SOS debugger extensions loads small piece of native code Asks CLR to give info to debug When live debugging versions are same CLR is present on the system Diff machines when postmortem Hot fixes, service packs, dll hell etc - pain Public symbol server published in Microsoft Contact customer to give the correct version Load it in ur system debugger will launch with -z
08simple.exe Null exception Enable ADPLUS adplus.vbs -crash -pn 08simpleexec.exe (start) pn for process name Crash mode Find crash dumps in location click ok start app Adplus - performance degradation - slow debuggers folder crash mode date Text file Dump files generated Shut down - we are not interested second chance exception ntsd -z path to the file .symfix .reload loadby sos mscorwks !Threads Which generated !pe