Low privilege debugging pipeline

US 8,392,885 B2
Filed: 12/19/2008
Issued: 03/05/2013
Est. Priority Date: 12/19/2008
Status: Active Grant

First Claim

Patent Images

1. A system that performs remote debugging securely comprising:

a computer comprising a processing unit coupled to a memory, the computer further comprising;

a low privilege debug pipeline publisher executing as a server process in a client-server environment,the low privilege debug pipeline publisher publishing debuggability of code belonging to a client in the client-server environment via a low privilege debug pipeline, wherein a debug process isolated running on a server computer on client code resident on the server computer is isolated by publishing the low privilege debug pipeline, the client code resident on the server computer, wherein the low privilege debug pipeline publisher applies a transformation to the client code resident on the server computer, the transformation returning control to the server computer when a debug instruction in the client code is encountered in a debug session, the transformation comprising an insertion of one or more instructions at each place in the client code at which a breakpoint or other debug instruction can be inserted, wherein a debug operation resulting in a pause or stop of execution of the client code does not pause or stop execution of other client threads,wherein a debugging session debugging the client code resident on the server computer is a low privilege process running on the server computer and is restricted to the client code resident on the server computer, wherein in response to encountering a debug instruction in the client code being debugged, control is returned to the server computer and debug information requested by the client is returned to the client via the low privilege debug pipeline, wherein the returned debug information is filtered to exclude confidential information and is limited to the client code belonging to the client.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A low privilege debug pipeline publisher advertises a debugging pipeline. Instead of having a client to which a debugger on the server has been attached interrogate the server for debugging information, the client requests information from the server. Control is returned to the server which can refuse to provide the requested information to the client. A debuggee server executes client code being debugged in an isolated context so that pausing the code at a breakpoint does not block the server. The server can apply transforms to compiled code to make the code cooperate with debugging services so that a privileged component to inspect the debuggee code is not needed.

42 Citations

View as Search Results

9 Claims

1. A system that performs remote debugging securely comprising:
- a computer comprising a processing unit coupled to a memory, the computer further comprising;
  
  a low privilege debug pipeline publisher executing as a server process in a client-server environment,the low privilege debug pipeline publisher publishing debuggability of code belonging to a client in the client-server environment via a low privilege debug pipeline, wherein a debug process isolated running on a server computer on client code resident on the server computer is isolated by publishing the low privilege debug pipeline, the client code resident on the server computer, wherein the low privilege debug pipeline publisher applies a transformation to the client code resident on the server computer, the transformation returning control to the server computer when a debug instruction in the client code is encountered in a debug session, the transformation comprising an insertion of one or more instructions at each place in the client code at which a breakpoint or other debug instruction can be inserted, wherein a debug operation resulting in a pause or stop of execution of the client code does not pause or stop execution of other client threads,wherein a debugging session debugging the client code resident on the server computer is a low privilege process running on the server computer and is restricted to the client code resident on the server computer, wherein in response to encountering a debug instruction in the client code being debugged, control is returned to the server computer and debug information requested by the client is returned to the client via the low privilege debug pipeline, wherein the returned debug information is filtered to exclude confidential information and is limited to the client code belonging to the client.
- View Dependent Claims (2, 3, 4)
- - 2. The system of claim 1, wherein the client code transformation returns control to the server process at breakpoint locations in the client code.
  - 3. The system of claim 1, wherein the low privilege debug pipeline publisher receives a debug request from the client via the low privilege debug pipeline to debug the client code resident on the server computer.
  - 4. The system of claim 3, wherein in response to receiving the debug request from the client via the low privilege debug pipeline, the low privilege debug pipeline publisher initiates the debugging session scoped to the client code resident on the server computer.

5. A computer-readable storage medium, the computer-readable storage medium not consisting of a propagating signal, the computer-readable storage medium comprising computer-executable instructions which when executed cause a computing environment to:
- isolate a debug process running on a server computer on client code resident on the server computer, wherein a debug operation resulting in a pause or stop of execution of the client code does not pause or stop execution of other client threads in the process, wherein the debug process is isolated by publishing a low privilege debug pipeline, wherein the low privilege debug pipeline limits debug information provided to a client computer to the client code belonging to the client computer, the client code resident on the server computer; and
  
  publish the low privilege debug pipeline publishing debuggability of the client code, the low privilege debug pipeline executing as a server process, wherein the low privilege debug pipeline applies a transformation to the client code resident on the server computer, the transformation returning control to the server computer when a debug instruction in the client code is encountered in a debug session, the transformation comprising an insertion of one or more instructions at each place in the client code at which a breakpoint or other debug instruction can be inserted, wherein a debugging session debugging the client code resident on the server computer is a low privilege process running on the server computer and is restricted to the client code resident on the server computer, wherein in response to encountering a debug instruction in the client code being debugged, control is returned to the server computer and debug information requested by the client is returned to the client via the low privilege debug pipeline, the returned debug information is filtered to exclude confidential information.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The computer-readable storage medium of claim 5, comprising further computer-executable instructions, which when executed cause the computing environment to:
    - wherein in response to encountering the inserted instruction, control is returned to the server computer.
  - 7. The computer-readable storage medium of claim 5, comprising further computer-executable instructions, which when executed cause the computing environment to:
    - receive a debug request from the client computer via the low privilege debug pipeline, wherein, in response to receiving the debug request, a low privilege debug pipeline publisher on the server computer initiates a low privilege debug session scoped to the client code resident on the server computer.
  - 8. The computer-readable storage medium of claim 5, comprising further computer-executable instructions, which when executed cause the computing environment to:
    - suspend execution of the client code while the server continues operations.
  - 9. The computer-readable storage medium of claim 7, comprising further computer-executable instructions, which when executed cause the computing environment to:
    - continue to service requests from clients other than the client computer issuing the debug request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Stall, Jonathon Michael, Jazdzewski, Charles P.
Primary Examiner(s)
Bullock, Jr., Lewis A
Assistant Examiner(s)
Huynh, Tina

Application Number

US12/339,111
Publication Number

US 20100162049A1
Time in Patent Office

1,537 Days
Field of Search

717124-129, 714/E11.21, 714/E11.208, 714/E11.217, 714/38.1, 714/38.13, 714/46
US Class Current

717/124
CPC Class Codes

G06F 11/3624 by performing operations on...

G06F 11/3644 by instrumenting at runtime

Low privilege debugging pipeline

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

42 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Low privilege debugging pipeline

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links