| 1. |
Introduction to OS X Architecture |
|
1 hours |
|
Introduction to the OS X architecture. We discuss the design and implementation of the OS X, at a modular "black box" level, focusing on its layered architecture.
- OS X from the ground up
- Feature differences - 10.4 through 10.6.4
|
|
This module, dealing with the basic hardware and software architectures of Intel-compatible x86 and x64, serves as an introduction and sets the baseline for the debugging workshop.
Note: This module may be replaced by a platform-specific discussion of non-intel architectures as well. This is mostly the case where OS X, on ARM (like the iPhone/iPad) or PPC architectures, is involved.
- Computer Architecture
- The OS and the CPU
- Exception handling
- Traps
- Interrupt handling
|
| 2b. |
Compiling, Linking and Debugging |
|
2 hours |
|
In-depth discussion of code at the assembly (machine code) level. Students will learn:
- Familiarity with assembly code
- GCC compiler optimizations
- The Mach-O binary format, and tools (lipo, nm)
- Using GDB - Tips & Tricks
Exercises include:
- Dissecting a Mach-O binary
|
| 3. |
Processes and Threads |
|
2 hours |
|
The inside view of Mach "tasks" - as well as BSD processes and threads - and how the scheduler manages. Using process diagnostic tools effectively.
- Processes
- Daemons
- Threads
- Priorities and Nice
- The kernel perspective - clone()
- Process scheduler states
- Real-Time priorities
|
| Day 2 |
| 4. |
Process Tracing & Hooking |
|
2 (3) hours |
|
Methods for code-injection into running processes via libraries and the very powerful Dtrace API.
- Library calls vs. system calls - when to use which?
- Libraries
- Compiling a shared library
- Injecting libraries
- Using DTrace
- gprof
- valgrind
Exercises include:
- Creating a Debug Library
- Using DTrace effectively
|
| 5. |
Process Internals |
|
1 (2) hours |
|
A deeper look into user mode processes - the virtual memory layout, and structure of the stack and the heap.
- Process memory layout
- The Stack
- Compiler optimization
- The Heap
|
| 6. |
Memory management bugs |
|
2 (3) hours |
|
A detailed discussion of memory allocation/management bugs, and how they manifest themselves in stack and heap corruption.
- Stack overrun
- Stack buffer overflows
- Heap buffer overflows
- Double Free bugs
- Uninitialized memory
- Use after free
- Memory leaks
- OS X Tools
- heap, leaks, vmmap, and malloc_history
- Finding leaks via Instruments and Shark
|
| Day 3 |
| 7. |
Concurrency |
|
2 (3) hours |
|
A discussion of the challenges involved with writing multi-threaded and multi-process code.
- Concurrency
- Mach Threads
- Inter-Process Communication (IPC) techniques
- Mach IPC
- Locking techniques
- Types of locks
- Optimizing locks
- Deadlocks
- GDB and multi-threaded programs
Exercises include:
- Debugging a multithreaded program using GDB and finding locks
- Debugging a multithreaded program using GDB and finding memory corruption
|
| 8. |
Handling crashes |
|
1 (2) hours |
|
Debugging application crashes (core files) and Kernel panics
- What's in a core file?
- Effective core debugging techniques
- Deciphering Kernel panic dumps
- The Kernel Debug Kit
Exercises include:
- Analyzing a mystery core file
- Analyzing a mystery crash dump
|
| 10. |
Debugging Objective C Code |
|
2 hours |
|
Objective-C is Mac's development language of choice for Cocoa based applications. With its rich class hierarchy, debugging gets an object-oriented flair as it takes into consideration object structure and methods at the binary level.
- Quick refresher on Objective-C Concepts
- How Objective-C Compiles into Mach-O
- Cocoa classes
Exercises include:
- Debugging a sample Cocoa program
|