Exercise PN6: Analysis of an application process dump (LINQPadE, 32-bit, CLR 4)

Goal: Learn how to recognize and analyze heap corruption.

Patterns: CLR Thread; Exception Thread; Invalid Pointer; Managed Heap Corruption; Execution Residue

Commands: !VerifyHeap, dc

  1. Launch WinDbg from Debugging Tools for Windows or Debugging Tools for Windows (x86)

  2. Open \ANETMDA-Dumps\32-bit\Processes\CLR4\LINQPadE.DMP

  3. If you are presented with this dialog say No:

  4. We get the dump file loaded:

  5. Open a log file using .logopen command and load symbols (.symfix and ...

Get Accelerated .NET Memory Dump Analysis: Training Course Transcript and WinDbg Practice Exercises with Notes now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.