The Power of Simplicity
Thursday, February 7th, 2013 
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
Archive for the ‘Fun with Debugging’ Category
Bugtation No.162
Thursday, February 7th, 2013If debugging were profitable, everybody would be debugging.
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
DD That (Debugging Slang, Part 37)
Tuesday, January 22nd, 2013I don’t know how I missed it. It was the first real life slang I heard almost 10 years ago during hot political and critical crash dump analysis session.
DD That - Analyze that simply.
Although more correctly would be to say DP That at that time when I heard it 64-bit computing wasn’t a mainstream yet. Based on dd WinDbg command to dump raw binary data starting from a given 32-bit memory address.
Examples: I dd-ed that and found an ASCII.
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
STATUS (Debugging Slang, Part 36)
Tuesday, January 22nd, 2013STATUS - Something important to check for just now.
Examples: If only programmers checked statuses of their functions more often than statuses on Facebook…
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
Bugtation No.160
Friday, November 9th, 2012Computation is short. Debugging is long. Problem is fleeting. Troubleshooting is risky. Diagnosis is difficult.
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
After Debugging
Monday, October 29th, 2012
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
FBI (Debugging Slang, Part 35)
Wednesday, June 27th, 2012FBI - Fighting Bugs Inside.
Examples: I’m doing an FBI work now!
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
poo (Debugging Slang, Part 34)
Monday, June 25th, 2012poo - a function that follows foo and bar with a purpose to trigger a crash event, a breakpoint or save memory state.
Examples: void main() { foo(); } void foo() { poo(); } void poo() { asm int 3; }
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
STaMPs (Debugging Slang, Part 33)
Monday, June 25th, 2012STaMPs - Software Trace and Memory Patterns. Stack Trace and Memory Patterns.
Examples: Got a few visible stamps on this trace. And more stamps on that crash dump.
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
A NoSQL Problem (Debugging Slang, Part 32)
Sunday, June 10th, 2012A NoSQL Problem - when nothing appears on a refresh.
Examples: I got a NoSQL problem when I signed in to that social website.
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
Memorandum (Debugging Slang, Part 31)
Thursday, May 10th, 2012Memorandum - when memory ran dump.
Examples: We got a few memorandums from that market leader.
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
Dump Analysis as a Labour Process
Tuesday, May 1st, 2012; Composed a verse for today
Labour Day
First of May
Analyze
Today
; Plan to analyze from 32 to 64 dumps
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
Music for Debugging: Make It Through This Trace
Sunday, April 1st, 2012Software trace analysis is notoriously difficult so a bit of folk music is needed to make debugging sessions less boring. The following album came to my attention in a local library and after listening to it I recommend it for software log analysis sessions:
Here’s my own track title interpretation:
1. Dream Away The Defects
2. This I’d Analyze
3. A Magnifier
4. Make It Through This Trace
5. Don’t Let It Go Unanalyzed
6. Request-Reply Pair
7. I Love It When It’s Short
8. No Higher Specs
9. Said, Said.
10. When I Think Of You, My Customers
11. Close to The Defect
12. A Debugger For You Now
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
Typology, Typological (Debugging Slang, Part 30)
Friday, March 30th, 2012Typology - a logic of typos in software. Typological - a logical typo.
Examples: A typology of defects in source code. An engineer committed a grave typological mistake.
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
Welcome to Ki* and Ke*!
Monday, March 19th, 2012Not long ago we became the proud owners of Ke* parrot named after OS kernel functions. It didn’t behave as we expected (heavily used Reflection API) so Ki* parrot counterpart was brought into a space. They now behave and communicate happily ever after:
They also inspired a Computicart (Computical Art) composition: What is to be done?
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
I Memory Dump
Thursday, March 15th, 2012This is both a game and serious philosophical and religious tool to guide your life. Basically you need either 32 coin flips to construct a 32-bit pointer (or 64 flips for wide coverage) or 16 flips using a dice where each throw can generate at least 2 bits. Any device can help if you can get a random pointer. Then you use your favourite memory dump and symbol files for interpretation. Double, triple and multiple dereferences from a pointer can also be used to construe a path.
For example, I just played and got:
0:000> ? 0y10010111111000100100011011100111
Evaluate expression: -1746778393 = 97e246e7
0:000> !address 97e246e7
Address 97e246e7 could not be mapped in any available regions
If address is inaccessible switch to another memory dump or continue flips and shift digits to the left. This way I got:
0:000> ? 0y00101111110001001000110111001111
Evaluate expression: 801410511 = 2fc48dcf
0:000> !address 02fc48dcf
Usage: Free
Base Address: 1f858000
End Address: 58c30000
Region Size: 393d8000
Type: 00000000
State: 00010000 MEM_FREE
Protect: 00000001 PAGE_NOACCESS
Continue flip and shift until you get an output with symbol signs:
0:000> ? 0y01011111100010010001101110011110
Evaluate expression: 1602821022 = 5f891b9e
0:000> dp 5F891B9E
5f891b9e ???????? ???????? ???????? ????????
5f891bae ???????? ???????? ???????? ????????
5f891bbe ???????? ???????? ???????? ????????
5f891bce ???????? ???????? ???????? ????????
5f891bde ???????? ???????? ???????? ????????
5f891bee ???????? ???????? ???????? ????????
5f891bfe ???????? ???????? ???????? ????????
5f891c0e ???????? ???????? ???????? ????????
0:000> !address 5F891B9E
Usage: Free
Base Address: 5eb8a000
End Address: 60080000
Region Size: 014f6000
Type: 00000000
State: 00010000 MEM_FREE
Protect: 00000001 PAGE_NOACCESS
Unloaded modules that overlapped the region in the past:
BaseAddr EndAddr Size
5ebc0000 5ebcd000 d000 Perfctrs.dll
Dump output for thought: “In the past - perfect control, performance was counted, now - free.”
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
A Blue Screen Watch
Wednesday, March 7th, 2012The following watch came to my attention when I saw an ad at Zurich airport last week:
Tissot Seastar Blue Dial Mens Watch T0664071104700
Good complement to a digital one I have: Teaching binary to decimal conversion.
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
Watching a Movie (Debugging Slang, Part 29)
Monday, February 20th, 2012Watching a Movie - Watching the prodigious output of some debugging commands and scripts in real time.
Examples: Watching the output of !process 0 ff WinDbg command. Watching the output of user stack trace database and breaking in when it becomes uniform.
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
Holy Pilgrimage to Harvard University
Wednesday, February 1st, 2012I have plans for a debugging tour to visit famous debugging places around the world. According to Wikipedia I have to start with Harward University where the first bug was found. I’ll keep you informed on the progress of this memorianic pilgrimage.
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -
Bugtation No.155
Wednesday, February 1st, 2012On natural pointers vs. pointers that are not natural, like a NULL, wild or dangling pointer.
Thus, a man who intends keeping pointers naturally tries to get as good debuggers as he can … .
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -