Archive for the ‘Debugging’ Category

Bugtation No.33

Wednesday, September 24th, 2008

“The art of not” coding “is extremely important. It consists in our not taking up whatever happens to be occupying the” management “public at the time.”

Arthur Schopenhauer, Parerga and Paralipomena: On Reading and Books

- Dmitry Vostokov @ DumpAnalysis.org -

Dumps, Bugs and Debugging Forensics

Wednesday, September 24th, 2008

Finally, Dr. Debugalov's adventures are going to be imprinted with bugs inside. This full-color book features never-before-published cartoons and a few surprises. It sets a new standard for entertainment in software engineering.

  • Title: Dumps, Bugs and Debugging Forensics: The Adventures of Dr. Debugalov
  • Author: Narasimha Vedala
  • Editor: Dmitry Vostokov
  • Publisher: Opentask (1 December 2008)
  • Language: English
  • Product Dimensions: 21.6 x 14.0
  • ISBN-13: 978-1-906717-25-4
  • Paperback: 64 pages

The cover was designed by Narasimha Vedala.

- Dmitry Vostokov @ DumpAnalysis.org -

Bugtation No.32

Tuesday, September 23rd, 2008

“A” code “never — well, hardly ever — shakes off its” legacy “and its formation. In spite of all changes in and extensions of and additions to its” base “, and indeed rather pervading and governing these, there will still persist the old” code.

John Langshaw Austin, Philosophical Papers: A Plea For Excuses

- Dmitry Vostokov @ DumpAnalysis.org -

Bugtation No.31

Sunday, September 21st, 2008

Opcodes “- so innocent and powerless as they are, as standing in a” manual “, how potent for good and evil they become in the hands of one who knows how to combine them.”

Nathaniel Hawthorne, American Notebooks

- Dmitry Vostokov @ DumpAnalysis.org -

Bugtation No.30

Saturday, September 20th, 2008

APIs “govern the world.”

John Selden, Table Talk

- Dmitry Vostokov @ DumpAnalysis.org -

Bugs Burning the Barn

Saturday, September 20th, 2008

New cartoon from Narasimha Vedala:

Revolution and carnage imminent at Dr. Debugalov’s bug farm…

- Dmitry Vostokov @ DumpAnalysis.org -

Windows Debugging Notebook Cover

Friday, September 19th, 2008

Here is the draft front cover for the forthcoming Windows Debugging Notebook:

It is based on the Debugging Book Stack concept.

- Dmitry Vostokov @ DumpAnalysis.org -

Debugging Book Stack

Friday, September 19th, 2008

Instead of providing a list of recommended books on debugging topics, here is a picture that shows most of the ones that I own:

I hope you recognize books that you own and/or have read too. Some of them were reviewed by me already:

Advanced Windows Debugging

Debugging by Thinking: A Multidisciplinary Approach

Microsoft Windows Internals: Microsoft Windows Server 2003, Windows XP, and Windows 2000

Why Programs Fail: A Guide to Systematic Debugging

and more reviews will come soon.

- Dmitry Vostokov @ DumpAnalysis.org -

Bugtation No.29

Friday, September 19th, 2008

“There are many rare” crashes “in the World, which Fortune never brings to Light” again.

Thomas Fuller, Gnomologia: Adagies and Proverbs

- Dmitry Vostokov @ DumpAnalysis.org -

Hooked Modules (Crash Dump Analysis Patterns, Part 38c)

Friday, September 19th, 2008

Previously I introduced the Hooked Functions pattern, where I used the !chkimg WinDbg command. Today, after accidentally discovering yet another patched DLL module in one process, I created this simple command to check all modules:

!for_each_module !chkimg -lo 50 -d !${@#ModuleName} -v

0:000:x86> !for_each_module !chkimg -lo 50 -d !${@#ModuleName} -v
[...]
Scanning section:    .text
Size: 74627
Range to scan: 71c01000-71c13383
71c02430-71c02434  5 bytes - WS2_32!WSASend
[ 8b ff 55 8b ec:e9 cb db 1c 0d ]
71c0279b-71c0279f  5 bytes - WS2_32!select (+0x36b)
[ 6a 14 68 58 28:e9 60 d8 15 0d ]
71c0290e-71c02912  5 bytes - WS2_32!WSASendTo (+0x173)
[ 8b ff 55 8b ec:e9 ed d6 1b 0d ]
71c02cb2-71c02cb6  5 bytes - WS2_32!closesocket (+0x3a4)
[ 8b ff 55 8b ec:e9 49 d3 19 0d ]
71c02e12-71c02e16  5 bytes - WS2_32!WSAIoctl (+0x160)
[ 8b ff 55 8b ec:e9 e9 d1 1e 0d ]
71c02ec2-71c02ec6  5 bytes - WS2_32!send (+0xb0)
[ 8b ff 55 8b ec:e9 39 d1 14 0d ]
71c02f7f-71c02f83  5 bytes - WS2_32!recv (+0xbd)
[ 8b ff 55 8b ec:e9 7c d0 17 0d ]
71c03c04-71c03c08  5 bytes - WS2_32!WSAGetOverlappedResult (+0xc85)
[ 8b ff 55 8b ec:e9 f7 c3 1f 0d ]
71c03c75-71c03c79  5 bytes - WS2_32!recvfrom (+0x71)
[ 8b ff 55 8b ec:e9 86 c3 16 0d ]
71c03d14-71c03d18  5 bytes - WS2_32!sendto (+0x9f)
[ 8b ff 55 8b ec:e9 e7 c2 13 0d ]
71c03da8-71c03dac  5 bytes - WS2_32!WSACleanup (+0x94)
[ 8b ff 55 8b ec:e9 53 c2 25 0d ]
71c03f38-71c03f3c  5 bytes - WS2_32!WSASocketW (+0x190)
[ 6a 20 68 08 40:e9 c3 c0 11 0d ]
71c0446a-71c0446e  5 bytes - WS2_32!connect (+0x532)
[ 8b ff 55 8b ec:e9 91 bb 18 0d ]
71c04f3b-71c04f3f  5 bytes - WS2_32!WSAStartup (+0xad1)
[ 6a 14 68 60 50:e9 c0 b0 29 0d ]
71c06162-71c06166  5 bytes - WS2_32!shutdown (+0x1227)
[ 8b ff 55 8b ec:e9 99 9e 12 0d ]
71c069e9-71c069ed  5 bytes - WS2_32!WSALookupServiceBeginW (+0x887)
[ 8b ff 55 8b ec:e9 12 96 0f 0d ]
71c06c91-71c06c95  5 bytes - WS2_32!WSALookupServiceNextW (+0x2a8)
[ 8b ff 55 8b ec:e9 6a 93 10 0d ]
71c06ecd-71c06ed1  5 bytes - WS2_32!WSALookupServiceEnd (+0x23c)
[ 8b ff 55 8b ec:e9 2e 91 0e 0d ]
71c090be-71c090c2  5 bytes - WS2_32!WSAEventSelect (+0x21f1)
[ 8b ff 55 8b ec:e9 3d 6f 20 0d ]
71c09129-71c0912d  5 bytes - WS2_32!WSACreateEvent (+0x6b)
[ 33 c0 50 50 6a:e9 d2 6e 22 0d ]
71c0938e-71c09392  5 bytes - WS2_32!WSACloseEvent (+0x265)
[ 6a 0c 68 c8 93:e9 6d 6c 24 0d ]
71c093d9-71c093dd  5 bytes - WS2_32!WSAWaitForMultipleEvents (+0x4b)
[ 8b ff 55 8b ec:e9 22 6c 1a 0d ]
71c093ea-71c093ee  5 bytes - WS2_32!WSAEnumNetworkEvents (+0x11)
[ 8b ff 55 8b ec:e9 11 6c 21 0d ]
71c09480-71c09484  5 bytes - WS2_32!WSARecv (+0x96)
[ 8b ff 55 8b ec:e9 7b 6b 1d 0d ]
71c0eecb-71c0eecf  5 bytes - WS2_32!WSACancelAsyncRequest (+0x5a4b)
[ 8b ff 55 8b ec:e9 30 11 26 0d ]
71c10d39-71c10d3d  5 bytes - WS2_32!WSAAsyncSelect (+0x1e6e)
[ 8b ff 55 8b ec:e9 c2 f2 26 0d ]
71c10ee3-71c10ee7  5 bytes - WS2_32!WSAConnect (+0x1aa)
[ 8b ff 55 8b ec:e9 18 f1 22 0d ]
71c10f9f-71c10fa3  5 bytes - WS2_32!WSAAccept (+0xbc)
[ 8b ff 55 8b ec:e9 5c f0 27 0d ]
Total bytes compared: 74627(100%)
Number of errors: 140
140 errors : !WS2_32 (71c02430-71c10fa3)
[...]

CMDTREE.TXT was also updated with this command.
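
The mismatches above all share one shape: five patched bytes starting with e9, the x86 near-jump opcode, so each destination is the patch address plus 5 plus the little-endian 32-bit displacement. The following sketch is an added example, not part of the original post or of WinDbg; it parses pasted !chkimg output, decodes each jump, and reports whether it leaves the scanned section. The function name parse_hooks is hypothetical, and the code assumes a 32-bit target and the line layout shown above.

```python
import re

# Scan range and three entries copied from the !chkimg output above.
SAMPLE = """\
Range to scan: 71c01000-71c13383
71c02430-71c02434  5 bytes - WS2_32!WSASend
[ 8b ff 55 8b ec:e9 cb db 1c 0d ]
71c0279b-71c0279f  5 bytes - WS2_32!select (+0x36b)
[ 6a 14 68 58 28:e9 60 d8 15 0d ]
71c02ec2-71c02ec6  5 bytes - WS2_32!send (+0xb0)
[ 8b ff 55 8b ec:e9 39 d1 14 0d ]
"""

RANGE_RE = re.compile(r"Range to scan:\s*([0-9a-f]+)-([0-9a-f]+)", re.I)
ENTRY_RE = re.compile(r"^\s*([0-9a-f]{8})-[0-9a-f]{8}\s+\d+ bytes? - (\S+)", re.I)
BYTES_RE = re.compile(r"^\s*\[\s*([0-9a-f ]+?)\s*:\s*([0-9a-f ]+?)\s*\]", re.I)

def parse_hooks(text):
    """Pair each mismatch header with its [expected:found] line (32-bit x86 only)."""
    scan = None      # (low, high) of the section being compared
    pending = None   # (address, symbol) waiting for its byte line
    results = []
    for line in text.splitlines():
        if m := RANGE_RE.search(line):
            scan = (int(m[1], 16), int(m[2], 16))
        elif m := ENTRY_RE.match(line):
            pending = (int(m[1], 16), m[2])
        elif (m := BYTES_RE.match(line)) and pending:
            (addr, symbol), pending = pending, None
            found = bytes.fromhex(m[2])
            target = leaves = None
            if len(found) == 5 and found[0] == 0xE9:    # jmp rel32
                rel = int.from_bytes(found[1:], "little", signed=True)
                target = (addr + 5 + rel) & 0xFFFFFFFF  # relative to next instruction
                leaves = scan is not None and not scan[0] <= target <= scan[1]
            results.append({"symbol": symbol, "address": addr,
                            "expected": bytes.fromhex(m[1]), "found": found,
                            "jmp_target": target, "leaves_section": leaves})
    return results

if __name__ == "__main__":
    for h in parse_hooks(SAMPLE):
        where = "n/a" if h["jmp_target"] is None else f"{h['jmp_target']:08x}"
        print(f"{h['symbol']:<20} {h['address']:08x} -> {where} "
              f"outside section: {h['leaves_section']}")
```

A jump target outside the scanned range means the function entry now transfers control out of the module's own .text section; the lm command in the same dump shows which module, if any, owns that address.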

- Dmitry Vostokov @ DumpAnalysis.org -

Bugtation No.28

Thursday, September 18th, 2008

“Some” processes “are very busy, and yet do nothing.”

Thomas Fuller, Gnomologia: Adagies and Proverbs

- Dmitry Vostokov @ DumpAnalysis.org -

CMDTREE.TXT for CDA Checklist

Thursday, September 18th, 2008

Thanks to Roberto Farah, who blogged about the .cmdtree command, I was able to create the first version of cmdtree.txt for the Crash Dump Analysis Checklist to include common commands that I use. It can be found here:

CMDTREE.TXT for .cmdtree WinDbg command

The link to the file was also added to:

http://www.windbg.org/

Here is the screenshot of it:

It is useful for complex commands, including command sequences and scripts. You can also include special guidelines and reminders. In the latter cases you can specify an empty command or output something you prefer with .echo, for example, command templates to fill in manually.

This seems to be similar to EasyDbg.

- Dmitry Vostokov @ DumpAnalysis.org -

Bugtation No.27

Wednesday, September 17th, 2008

“But perhaps the” OS “is suspended on the” finger “of some” developer.

Anton Chekhov, Notebook

- Dmitry Vostokov @ DumpAnalysis.org -

Bugtation No.26

Tuesday, September 16th, 2008

“Think before you” debug!

Pythagoras, Teachings

This bugtation is also illustrated graphically here:

Bugtations: a semiotic approach

- Dmitry Vostokov @ DumpAnalysis.org -

Bugtations: a semiotic approach

Tuesday, September 16th, 2008

Now a bit of theory behind bugtations. If you know about semiotics you will instantly recognize bugtations as paradigmatic substitutions in quotations (syntagmatic axis). This is better illustrated in the following picture, adapted from Daniel Chandler’s book Semiotics, The Basics (2nd ed., figure 3.1, page 84), using this simple bugtation created from Pythagoras’ famous quotation:

All bugtations are featured here:

http://www.dumpanalysis.org/Bugtations 

- Dmitry Vostokov @ DumpAnalysis.org -

Bugtation No.25

Tuesday, September 16th, 2008

“The only way to read” code “without being bored is to” browse “it at random and, having found something that interests you, close the” browser “and meditate.”

Charles-Joseph, Prince de Ligne, Mes écarts

- Dmitry Vostokov @ DumpAnalysis.org -

DebugWare Patterns (Part 6)

Monday, September 15th, 2008

Another pattern that logically flows from Tool Chain is called Tool Box. Their principal difference is that the former launches subordinate tools in a sequence to reach a common goal, whereas the latter is a tool that launches other tools in any sequence independently:

 

Often tool boxes are implemented as toolbars. Another boundary example is the so-called resource kit tools, where an HTML page or taskbar menu serves the role of the tool box.

- Dmitry Vostokov @ DumpAnalysis.org -

Bugtation No.24

Monday, September 15th, 2008

Comments “are not” code.

Gertrude Stein, The Autobiography of Alice B. Toklas

- Dmitry Vostokov @ DumpAnalysis.org -

Bugtation No.23

Sunday, September 14th, 2008

“You can take better care of your” code “than another can.”

Ralph Waldo Emerson, Journals

- Dmitry Vostokov @ DumpAnalysis.org -

Bugtation No.22

Saturday, September 13th, 2008

“One can best feel in dealing with” systems “how primitive” debugging “still is.”

Albert Einstein, Communication to Leó Szilárd

- Dmitry Vostokov @ DumpAnalysis.org -