Hardcore technical presentation for debugging managed code using WinDBG. Covers Debugging basics, CLR Fundamentals and explains various commonly used commands for managed debugging.
Managed Debugging using WinDBG
1. MANAGED DEBUGGING USING WINDBG
BY
Rupreet Singh Gujral (rupreetg@outlook.com)
Entrepreneur. Product strategist. Architect.
2. AGENDA
• Debugging and Debugger Basics
• Refreshing .NET / CLR Fundamentals
• Various Debugging Tools
• WinDBG: Basic commands
• Demo: Live Process Debugging
• Demo: Live Process Crash Debugging
3. DEBUGGING AND DEBUGGER BASICS
• Debugging is a black art! It’s a skill, not a technology.
• Debugging is a technique to find root/unknown causes of bugs which surface normally or randomly.
• Putting a breakpoint in your source code and stepping through isn’t real debugging. Debugging is when you don’t have source code at hand and you want to find the root cause of the issue.
• Debuggers typically can do disassembly, stack traces, expression watches, and more.
4. DEBUGGING AND DEBUGGER BASICS (CONT…)
• 3 Types of Debugging
  • Launching an application under debugger
  • Attaching a debugger to a running process (Non-Invasive Debugging)
  • Invasively attaching a debugger to a running process (Invasive Debugging)
• Symbol Files: They annotate the application binary with additional information like function names, data structures, etc., which helps in debugging.
  • Public Symbol Files
  • Private Symbol Files
• “A software tool that is used to detect the source of program or script errors, by performing step-by-step execution of application code and viewing the content of code variables.” – MSDN
5. REFRESHING .NET / CLR FUNDAMENTALS
• Application Domains: Logical boundary in a process to isolate user code
execution.
• Modules: Modules contain the actual code and resources.
• Method Table: Describes a particular type. It includes VT with pointers to
actual code.
• Method Descriptors: Contain detailed information such as the textual
representation of the method, the module that contains it, etc.
• Managed Heap: Data structure in memory where all objects – reference types
are stored.
7. REFRESHING .NET / CLR FUNDAMENTALS
Image concept from Mario Hewardt’s book
8. HOW DEBUGGER IS INVOKED WHEN EXCEPTION OCCURS?
• When code is executed in memory and an exception occurs, like a DivideByZero exception, then:
  • A first chance exception is raised by the .NET Runtime. This happens as soon as the DivideByZeroException object is defined in memory.
    • If a debugger is attached to the process, then the debugger will break and a memory dump can be taken.
    • If an appropriate try-catch block is defined, the exception will be handled and the application continues.
  • If no try-catch block is defined, then a second chance exception is raised.
    • If a debugger is attached to the process, then the debugger will break and a memory dump can be taken.
    • If no debugger is attached, then the process will crash.
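The sequence above can be observed from inside the process. The following C# program is an added example, not part of the original slides; it uses the `AppDomain.FirstChanceException` and `AppDomain.UnhandledException` events as in-process analogues of the debugger's first and second chance notifications, and the class and method names are made up for illustration.

```csharp
using System;
using System.Runtime.ExceptionServices;

// Added example (not from the slides): first-chance vs. unhandled
// (second-chance) handling for the DivideByZeroException case.
static class ChanceDemo   // hypothetical name
{
    // Integer division throws DivideByZeroException when b == 0.
    static int Divide(int a, int b) => a / b;

    static void Main()
    {
        // Fires when the exception is thrown, before any catch block runs.
        // This is the moment a debugger sees the first-chance exception.
        AppDomain.CurrentDomain.FirstChanceException +=
            (object s, FirstChanceExceptionEventArgs e) =>
                Console.WriteLine("[first chance] " + e.Exception.GetType().Name);

        // Fires only when no catch block handled the exception. This is the
        // point at which an attached debugger gets its second-chance break.
        AppDomain.CurrentDomain.UnhandledException +=
            (object s, UnhandledExceptionEventArgs e) =>
                Console.WriteLine("[unhandled] " + e.ExceptionObject.GetType().Name
                                  + ", terminating=" + e.IsTerminating);

        // Case 1: a matching try-catch exists. The first-chance notification
        // is still raised, then the handler runs and the application continues.
        try
        {
            Divide(10, 0);
        }
        catch (DivideByZeroException)
        {
            Console.WriteLine("handled, continuing");
        }

        // Case 2: no try-catch. First chance is raised again, nothing handles
        // it, the unhandled notification fires and the process crashes.
        Console.WriteLine("about to throw with no handler");
        Divide(10, 0);

        Console.WriteLine("never reached");
    }
}
```

In WinDBG, `sxe clr` sets the debugger to break on first-chance CLR exceptions, so both cases above stop in the debugger before the catch block or the crash.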
9. VARIOUS DEBUGGING TOOLS
• Visual Studio: Famous development environment mainly used for source level
debugging. Can be used as a user mode debugger for any app.
• CLR Profiler: Profiles the CLR process and spits out a report about memory and
other parameters.
• Performance Monitor: Counter based tool that gives real time data about different
parameters like memory, exceptions, handles, etc.
• WinDBG: GUI based user mode debugger to debug any kind of application. Can
be used as a kernel mode debugger too.
• NTSD: Similar to WinDBG but command line based.
10. WINDBG: BASIC COMMANDS
• 0:00> – What does this denote in WinDBG?
• .sympath, .sympath+ <newPath>, .reload – symbols related commands
• !dumpdomain – app domain related command
• !dumpassembly – assembly related command
• !clrstack/kv – Stack walking
• !runaway – Summary for all threads and time spent on CPU
• ~<n>s – Thread switching
• !dumpheap – heap related command
• !do – objects dumping
• !dumpmt – dumping Method Tables
• !threads – Listing all the managed threads
• !dae – exception related commands
11. DEMO - LIVE PROCESS DEBUGGING
• Attaching debugger to the live process
• Identifying the starting point for debugging
• Internal data structure of the class
• Display content of arrays
• Breakpoint setting
12. DEMO - LIVE PROCESS CRASH DEBUGGING
• Attach debugger to the live process
• Handle first chance exception
• Track exception
13. Q&A
Aim and shoot your questions!
Image source: http://egamer.co.za/2011/07/review-shadows-of-the-damned/