Win32 Post-Mortem Debugging for Begginer

ޙഅ҃ ([email protected])
Win32 Post-Mortem Debugging for Begginer 
(with WinDBG) ver 1.0.0.4, 2004-08-21

View Slide

Debugging in WIN32 Application
INTRODUCTION Exception by Crash (AV: Access Violation)
- User mode
User Applicationীࢲ ߊࢤ
1. Hardware Exception
Hardwareীࢲ ߊࢤ, Page-Fault, Divide by zero, Access violation
2. Software Exception
User application੉ա OSо ݺद੸ਵ۽ ߊࢤदఃח Exception (RaiseException())
- Kernel mode
Drivers, File system, Low-level virtual memory, Operating system components
ীࢲ ߊࢤ
(ߊࢤद ࠶ܖझ௼ܽ(Stop screen, Blue Screen)ਵ۽ ܻನ౴)
Hang
- CPU 100% by spinning thread
- Dead lock
- IO Pendding
Memory Leak
Logical Error by Coder
[email protected] 2
1. What is bug?

View Slide

INTRODUCTION Debugger, Debugging toolਸ ੉ਊ೧ࢲ Bugܳ ೧Ѿೞח җ੿
Types of Debugging
- Kerner mode 
1. Kernel, mode levelীࢲ प೯غח driver, file systems, operating system
componentsٜ੄ ޙઁܳ debuggingೞחѪ
2. WinDBG, SoftIce١੄ Kernel mode debugger੄ ࢎਊ
- User mode 
1. NT Serviceܳ ನೣೠ User mode levelীࢲ प೯غח application੄ bugী ؀ೠ
debugging
2. Kernel mode debugger৬ CDB, MSDEV ...
Methods of Debugging
- Post Mortem Debugging
1. Dump Debugging - Dump ചੌ۽ ࠙ࢳ
2. Map Debugging - Map ചੌਸ ੉ਊೠ ࠙ࢳ
- Interactive(Live) Debugging
1. प೯द Debugger(WinDBG, MSDEV..)ী Processܳ Attachೞৈ ࠙ࢳ
2. Debugging With Developer Studio (IDE)
- Tracing options (logfileҗ ੹ਊ analyser੄ ࢎਊ)
Debugging in WIN32 Application [email protected]
2. What is DEBUGGING?

View Slide

INTRODUCTION Dump
- ݫݽܻ ৔৉੄ ؘ੉ఠ੄ ੉޷૑ܳ ٣झ௼ী ӝ۾ೞחѪ
- Typeҗ Modeী ٮۄ աׂࣻ ੓਺
1. Kernel, User Mode Dump
2. Full, Summary, Mini
- Kernel Mode Dump
1. Full Dump (All Windows NT Version)
a. Machine࢚੄ ݽٚ ޛܻ੸ ݫݽܻܳ Dump
b. User mode processٜ੄ ੿ࠁܳ ݽف ٣ߡӦ ೡࣻ ੓਺
2. Summary ( New in Windows 2000)
a. Crashद੼ਸ ଺ӝ ए਑
b. Kernel debuggingী ೙ਃೠ ੿ࠁ݅ਸ о૗
c. User mode process੄ Stack੿ࠁٜਸ ঌࣻ হ਺
3. Mini (New in Windows 2000)
a. 64K੉ೞ੄ ࢎ੉ૉ
b. Faultী ؀ೠ ୭ࣗೠ੄ ੿ࠁ(Thread੄ context, stack..)
3. Commonly Used Terms

View Slide

INTRODUCTION - User Mode Dump
1. Full Dump (All Windows NT Version)
a. ೧׼ Applicationҙ۲ػ ݽٚ ݫݽܻ ৔৉ ؘ੉ఠܳ Dump
2. Mini Dump (Windows XP, 2003 Servers (“Whistler”))
b. Crashী ؀ೠ ӝࠄ ੿ࠁ৬ Crashद੼ীࢲ ҙৈػ ݽٚ Thread
Context৬ Stackী ؀ೠ ੿ࠁ
Checked build and Free build
- Checked Build
Debugging Informationਸ о૓ ߡ੹ (Checked or Debug build)
- Free Build
Debugging Informationਸ о૑૑ ঋ਷ ߡ੹(Release or Free build)
Exception
- Applicationীࢲ ߊࢤदఃח ী۞ী ؀ೠ event (bad event), software, hardware۽ աׂ ࣻ
੓׮.
Attach
- Debuggerо ੉޷ प೯઺ੋ applicationী debuggingਸ ೞח Ѫ
Image File
- प೯ оמ ೠ ౵ੌਸ оܰఅ׮. .exe/.dll੉ݴ Image file, executable file੉ۄҊ ೠ׮.
3. Commonly Used Terms (Con’t)

View Slide

INTRODUCTION Object File
- Linkerী Image fileਸ ٜ݅ӝ ਤ೧ ઱য૑ח ౵ੌ .obj
Symbol
- Symbol ౵ੌ਷ ೐۽Ӓ۔ ౵ੌ(Image file)ী ؀ೠ ৈ۞੿ࠁܳ о૑Ҋ ੓ח ؘ੉ఠ ౵ੌ
1. ೣࣻ ੉ܴҗ ݫݽܻী ਤ஖ೠ ઱ࣗ
2. ੹৉, ૑৉ ߸ࣻ ੉ܴҗ ݫݽܻী ਤ஖ೠ ઱ࣗ
3. ೣࣻ੄ Frame pointer Omissions (FPO) ੿ࠁ (non standard stack frameী
ࢲ debuggerо EBPܳ ੉ਊೠ stack frame ੉ز(stack trace)ী ࢎਊ
4. ࣗझ௏٘ ۄੋ ੿ࠁ
- The three types of debug symbols generated by MSVC++
1. COFF
- Non MS ನݘ(Unix System V), MSীࢲ ߓನ(shipped)ೞח .dbgח ੌࠗ࠙ MS
COFFఋੑਸ ࢎਊ
- FPO, ೣࣻ ੉ܴী ؀ೠ Symbol݅ਸ ನೣ (Variables, Source lineઁ৻)
- ߓನߡ੹(੿ध Release)ী ઁ੘غח symbol type੉׮.
2. CodeView
- MS ನݘ, (Debug infoীࢲ Microsoft Formatࢶఖद ࢤࢿ)
- Image file, Object fileী ನೣغয ੓׮.
- FPO, Function info, Variables(global, static, and local ). Source line ੿ࠁܳ
ನೣೠ׮.
- ղࠗ ѐߊ੉ա 3rd-Party ۄ੉࠳۞ܻ੄ ҃਋ Customerীѱ ઁҕ

View Slide

INTRODUCTION 3. PDB
- MS ನݘਵ۽ Image file੉ա object fileী symbol ੿ࠁо ನೣغ૑ ঋח׮.
- Compiler ࣇ౴ীࢲ Program data base৬ Program data base and continue
(Optimizations ࣇ౴җ э੉ ࢎਊ ޅೣ) दী ࢤࢿؽ
- FPO, Function info, Variables(global, static, and local ), Source line ੿ࠁܳ
ನೣೠ׮.
- Incremental linkਸ ૑ਗೣਵ۽ࢲ Enc(Edit and Continue)ܳ ૑ਗ
- ѐߊ ߡ੹ীࢲ ઱۽ ࢎਊೠ׮.
- The three types of debug symbol files
1. .dbg
- PE౵ੌ ನݘਵ۽ ػ Symbol ౵ੌ
- Compiler, Linkerо Image file(PEನݘ)ী ؔࠢৈ ஹ౵ੌ ؽ, rebase۽ .dbg౵ੌ
ਸ ܻ࠙ ೡ ࣻ ੓਺
- COFF, CodeView symbolನݘਸ ૑ਗ.
- MSVC++ח .dbg౵ੌਸ ੍ਸ ࣻ ੓૑݅ COFF Symbolਸ ޖदೞҊ CodeView ੿
ࠁ݅ ࢎਊೠ׮.
2. .pdb
- Symbolী ؀ೠ ؘ੉ఠܳ data streamਵ۽ о૑Ҋ ੓ח page౵ੌ
- ݽٚ ੿ࠁܳ о૑Ҋ ੓׮. (locals, globals, statics, FPO, source lines ...)
- PDB, CodeView symbol ನݘਸ ૑ਗೠ׮.
3. .map
- Global symbol, Source line੿ࠁܳ о૑Ҋ ੓ח text ౵ੌ
- Debuggerীࢲ ૑ਗೞ૑ ঋח׮. (WinDBG)
note: ੗ࣁೠ ର੉ח п ࢸ੿߹۽ ஹ౵ੌറ dumpbinਵ۽ Symbolী ؀ೠ ੿ࠁ઺ী Debug
Entry, CODEVIEW Debug Info, MISC Debug Info, FPO Debug Info١੄ ೦ݾীࢲ ର੉ܳ ঌࣻ ੓׮.
(\etc\dbginfo\Readme.txt ଵҊ)

View Slide

INTRODUCTION
FPO / EBP / ESP
- FPOח Frame Point Omissions ೞৈ Frame Pointer(EBP, ESP)ী ؀ೠ ੘সਸ
ೞ૑ ঋחѪਸ ݈ೠ׮. (Symbol੉ হ׮ݶ റী ੿ഛೠ Stack੿ࠁ৬ Call stack traceܳ
ೞӝ ൨ٜয૓׮.)
- FPOܳ ࢎਊೞ૑ ঋਸ ҃਋ ೣࣻ द੘द EBP / ESPח Stack Frame੄ ੿ࠁܳ ਬ૑ೞӝ ਤ೧ࢲ
അ੤ Stack੄ Base৬ Top੄ ਤ஖ܳ о૑Ҋ ੓׮. ੉ܳ ੉ਊೞৈ Parameter ؘ੉ఠ ੿ࠁա Local ߸ࣻ੄
੿ࠁ, ೣࣻ Call Stack ੿ࠁܳ ੿ഛ൤ ঳ਸ ࣻ ੓׮.
note: src\stack.rp੄ ଵҊ
PARAM
EBP
RET
LOCAL
PARAM
RET
EBP
LOCAL
PARAM
RET
0x00000000 ਸ ೱ೧ ੗ۆ׮. Ӓېࢲ Pushܳ ೞ
ݶ ESP੄ ч੉ ઴যٚ׮.
Func2ܳ ਤೠ Parameter, ret addressч Ӓېࢲ Func2ীࢲ ebp + 8੉
ೣࣻ ഐ୹द о੢ ୊਺ Parameterчਸ оܰఃѱ ػ׮.
ೣࣻ द੘द Stackী ऺ੉ח ࣽࢲח
EBP -> Local Variable -> Parameter(ೣࣻഐ୹द) -> ret׮
ೣࣻ द੘द Stack
ऺ੉חEBPח ੉੹
ೣࣻ੄ EBP੉׮.
അ੤ Func3ীࢲ EBP
അ੤ Func3ীࢲ ESP

View Slide

DEBUGGING
TOOL
AND
SYMBOL
Generate Symbol
- Built in symbol for Release builds by MSVC++ 6.0
- Release ߡ੹ীࢲח MSVC++ 6.0਷ Symbolਸ ٜ݅૑ ঋ਺
- NT ജ҃߸ࣻࣇ౴
_NT_SYMBOL_PATH۽ Symbol pathܳ ࢸ੿ೞݶ Dr.Watsonীࢲ ࢎਊೠ׮.
- Project Setting for Symbol
1. Project -> Setting(ALT + F7) ݫ׏ ࢶఖ
2. Win32 Release Configuration ݽ٘ ࢶఖ
3. C/C++/General/Debug Info/Program Database ࢶఖ
4. Link/General/Generate debug info
.pdb file case
5. Link/Custmize/Use Program Database ࢶఖ
6. Link/Debug Info/Microsoft Format or BOTH ࢶఖ
7. EnCܳ ࢎਊೞ۰ݶ
7 - 1 Link/General੄ Link incrementallyࢶఖ
7 – 2 C/C++/General/Debug Info/Program Database
and Continue ࢶఖ
.dbg file case (COFF)
5. Link/Custmize/Use Program Database੄ ࢶఖਸ ೧ઁ
6. Link/Debug Info/COFF ࢶఖ
7. dumpbin /headers [FILE_NAME]ਸ ࢶఖೞৈ image base address
ܳ ঳ח׮.
8. rebase –b [BASE_ADDRESS] –x . [FILE_NAME]ਸ ೞݶ .dbg౵ੌ੉
ࢤࢿػ׮.
4. Symbols

View Slide

4. Symbols (Con’t)
DEBUGGING
TOOL
AND
SYMBOL
- Symbolਸ ࢤࢿदী /RELEASEܳ linker ২࣌ী ୶о ೠ׮. Ӓ۞ݶ ࢤࢿೞח Image fileী
Checksum೧׼ Symbolҗ੄ Checksumч੉ ٜযоѱ ػ׮.
- MSDEVীࢲ tool/option/debugীࢲ Load COFF & Exportܳ ࢶఖೞݶ MSDEVীࢲ ѐߊ઺
ীب Symbol ഛੋ੉ оמ
- Releaseߡ੹ীࢲ Call stack traceܳ ೞѢաա Dumpܳ ੉ਊೠ Debugging੄ ҃਋ ݫੋ೐۽Ӓ
۔਷ FPOܳ ԁ઱যঠ ೞݴ DLL੄ ҃਋ীח ੌ߈੸ਵ۽ Optimize২࣌(O1, O2, Ox)ܳ ࢎਊೞ૑
݈ইঠ ੿ഛೠ ؘ੉ఠܳ ঳ਸ ࣻ ੓׮.
- 2004-09-11 ୶оࢎ೦
- MSVC++ীࢲ ஹ౵ੌ ২࣌ /og (General optimaization)

View Slide

4. Symbols (Con’t)
DEBUGGING
TOOL
AND
SYMBOL
Symbol Verification
- Debugger tools for windowsܳ ࢸ஖ೞݶ ࢸ஖द э੉ ࢸ஖ؽ
- CheckSym
>> checksym.exe –p notepad.exe –v –s –y c:\symbol_path
- SymChk
>> symchk.exe /ie notepad.exe /s c:\symbol_path
>> symchk.exe /r [IMAGEFILE_PATH] /s SRV*[SYMBOL_STORAGE_PATH]*http://msdl.microsoft.com/
download/symbols
- WinDBG command
۽٘ػ Symbolҗ Image fileীࢲ ࢎਊೠ ೣࣻ١੄ ݽٚ Symbolਸ Ѩࢎ೧ષ
>> !sym noisy -> .reload [IMAGE_MODULE_NAME]
note: ؊ ੗ࣁೠ Ѫ਷ WinDBG Help੄ Verifying Symbols ࠁѢա doc\Verifying
Symbols.WinDBG.kr.doc ޙࢲܳ ଵҊ

View Slide

SEH
(Structure
Exception
Handling)
Exception Handling in SEH
- Exceptionী ؀೧ࢲ ਬো(__except)ೞҊ ૒ҙ੸੉Ҋ (__finally)ѼҊೞѱ ௏٘ܳ ੘ࢿೞӝ ਤೠ Windows(OS)੄
दӒօ݂ ݒழפ્
- Exception दӒօ੉ ߊࢤೞݶ Stack࢚੄ Exception Handlerܳ ଺ח ঘ࣌(Unwinding)੘স੉ द੘غ
ݴ, ଺૑ ޅೡ ҃਋ ೐۽ࣁझ ҳزೣࣻੋ(BaseProcessStart/BaseThreadStart)੄ Exception Handler
ীࢲ Exception੉ ೩ٜ੉ غয Unhandled Exceptionী ؀ೠ ӝࠄ੸ੋ ز੘ਸ ೞѱ ػ׮(҃Ҋହ)
- _set_se_translator, SetUnhandledExceptionFilterܳ ాೞৈ ӝઓ੄ Handlingೣࣻܳ ؀୓ ೡࣻ ੓਺
- Exception Handling੄ ࠺زӝച(Asynchronous)৬ زӝച(Synchronous)
- Exception Handling ௏٘ܳ ࢤࢿೞח ߑߨ੄ ର੉
- ࠺زӝച(Asynchronous): try/catch ࠶۟ীࢲ throwೞח ௏٘о হযب ௏٘ ࢤࢿ
- زӝച(Asynchronous): try/catch ࠶۟ীࢲ throwೞח ௏٘о হ׮ݶ ௏٘ ࢤࢿೞ૑ ঋ਺
- MSVC++ 6.0/Release࠽٘ ীࢲח زӝച(Asynchronous) ݽ٘о default(/GX, “/EHsc”)׮
- MSVC++ 6.0ীࢲ ࠺زӝച(Asynchronous)۽ ࣇ౴਷ “/EHa”
- MSVC++ 6.0ীࢲ ࠺زӝച(Asynchronous)ࣇ౴ীࢲ throwо হযࢲ ௏٘ ࢤࢿਸ ਗ஖ ঋਵݶ
__declspec(nothrow)ܳ ࢶ঱೧ঠೠ׮.
- SEHী ؀೧ࢲ ঌ۰ݶ ߈٘द ଵઑ೧ঠೡ ޙࢲ
A Crash Course on the Depths of Win32™ Structured Exception Handling – Matt Pietrek
Programming Application for Microsoft Windows 4th – Jeffry Richter
5. SEH (Structured Exception Handling)

View Slide

SEH
(Structure
Exception
Handling)
5. SEH (Structured Exception Handling) Con’t
Exception
Kernel
First Change
Exception
Debuger
Debugger
Search
Handler
(Unwinding)
Handler
Second
Chance
Exception
Call
Handler Func
(_set_se_translator)
Program
Continue
Call Custom
Unexception
Filter Func
(SetUnhandled
ExptionFilter)
Program
End
Call
Thread/Process
Unhandled
Exception
Custom
Unhandled
Exception
Filter
Debugger
First/Second
Program
End After
Handling
Y
First
Second
Y
N
Y
N
N
N
Y
UserProcess
Monitor,
ADPlus 1st
Dr.Watson
ADPlus 2st
Handlerীࢲ ܻఢч੉
EXCEPTION_CONTINUE_SEARCH
ۄݶ Catcher ز੘
೧׼ ೐۽ࣁझо хदо
غҊ ੓׮ݶ ز੘

View Slide

SEH
(Structure
Exception
Handling)
Windows & SEH
- SEHח ࠄې Kernel API١ীࢲ ؊ Robustೞѱ ௏٘ܳ प೯ೞӝ ਤ೧ࢲ ٜ݅য૓Ѫ
- Windowsח EntryPointerೣࣻܳ प೯ೡٸب __try/__expect৬ UnhandledExceptionFileter()ܳ ੉ਊ೧ࢲ ௏
٘ܳ प೯ दఃҊ ੓׮.
5. SEH (Structured Exception Handling)
// /lab/View_SHEଵҊ
// crtmain੄ pseudo code
// _XcptFilter()ೣࣻীࢲ UnhandledExceptionFilter()о ࠛ۰ ਋ܻо ঌҊ ੓ח
// Crashହ੉ ڲ׮
void WinMainCRTStartup(
__try {
// dos੄ ҃਋ main, Window੄ ҃਋ Winmain੉۠ध੉׮.
int mainret = main(__argc, __argv, _environ);
exit(mainret);
}
__except ( _XcptFilter(GetExceptionCode(), GetExceptionInformation()) )
{
_exit( GetExceptionCode() );
}
}

View Slide

6. Debuggers
DEBUGGING
TOOL
AND
SYMBOL
CDB(Console Debugger) / NTSD (NT Software Debugger)
- Consoleӝ߈ Debugger
- WindowsNT੉࢚ীࢲ ࢎਊ оמ
WinDBG
- GUIӝ߈੄ Windowsਊ Debugger
- Windows9X੉࢚ীࢲ ݽف ࢎਊоמ
MSDEV
- MS੄ ѐߊਊ IDE, Debuggerӝמ੉ ղ੢
- Windows95੉࢚ীࢲ ݽف ࢎਊ оמ
Default Debugger Setting
- Registry/HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
CurrentVersion\AeDebugܳ ࣻ੿
- WinDBG –I
- Drwtsn32 –i
Windows9X/ME Debugger Tool Issues
- 9X/MEח ੌ߈੸ੋ ߑߨਵ۽ Symbol੉ .sym౵ੌ۽ ഐജغ૑ ঋח׮.
ৢ߄ܲ .dbg, .pdb Symbolਸ ҳ೧ঠ ೠ׮.
- ME Debugging tool
(http://www.microsoft.com/whde/debugging/default.asp#DebugME)
- GDI32.dllীࢲ੄ FIrst chance Exceptionী ؀ೠ Filteringਸ ೧ঠೠ׮.

View Slide

DEBUGGING
TOOL
AND
SYMBOL
User Dump
- ࣻزਵ۽ dump ӝ۾ೞӝ
1. Process list
>> userdump –p
2. Process id۽ dump
>> userdump [PROCESS_ID] [DUMPFILENAME].dmp
3. Process nameਵ۽ dump
>> userdump [PROCESS_NAME] [DUMPFILENAME].dmp
- ੗زਵ۽ dump ӝ۾ೞӝ
1. ઁয౸੄ Process dumpܳ प೯
2. ೐۽Ӓ۔ݺਸ ӝ۾ೞҊ ࣇ౴റ Service۽ ز੘
- First Chance Exceptionदী dump catcher
6. Dump Catchers

View Slide

DEBUGGING
TOOL
AND
SYMBOL
Dr. Watson
- Console, प೯ীࢲ
>> drwtsn32
- ة݀੸ੋ exe ഋక੄ ࢲ࠺झ demon э਷ ೐۽ࣁझо ੉࢚ ઙܐद ਬਊ
- ੗୓ ೩ٜ۞о ੓যࢲ 2nd chanceо ߊࢤೞ૑ ঋח ҃਋ (COM+ Compoent, Asp pages,
asp.net pages) ীח ੜ ࢎਊغ૑ ঋח׮.
- log౵ੌ۽ب Exceptionী ؀ೠ ࠙ࢳ੉ оמ, ؘ੉ఠ ־੸оמ
दझమ ੿ࠁ, ੘স ݾ۾, FPO, Thread context੿ࠁ, Crashद diassembly code,
Stack dump, CallStack, Symbol table੿ࠁܳ ӝ۾
- _NT_SYMBOL_PATHী ೧׼ ೐۽ࣁझ੄ Symbol੓ਵݶ ੿ഛೠ ݽٕ, ೣࣻݺ ӝ۾ оמ
- Second Chance Exceptionदী dump catcher
6. Dump Catchers (Con’t)

View Slide

6. Dump Catchers (Con’t)
DEBUGGING
TOOL
AND
SYMBOL
Adplus.vbs
- Debugging Tools for windowী ನೣػ ਬ౰ܻ౭
- CBDܳ ࢎਊೞৈ First/Second Exceptionী ੘ز
- .vbs੉޲۽ customizing੉ оמ.
- Crash modeח Local Consoleীࢲ݅ оמ (ఠ޷զীࢲח ۽Ӓইਓदী ੘زೡ ࣻ হ਺)
- Dump ٣۩షܻীח пઙ log৬ Fiest/Second Exceptionद੄ mini/full dumpо ӝ۾
- Crashदী dump ӝ۾ೞӝ
1. Process nameਵ۽ dump
>> adplus.vbs -crash -pn [PROCESS_NAME] -o [DUMP_OUTPUT_DIR]
2. Process id۽ dump
>> adplus.vbs -crash -p [PROCESS_ID] -o [DUMP_OUTPUT_DIR] 
CDB / WinDBG
- فѐ੄ debuggerٜب dump catchо оמೞ׮.(WinDBG੄ ҃਋ .dump Commandܳ ࢎਊ)

View Slide

DEBUGGING
TOOL
AND
SYMBOL
Umdh
- Memory leakਸ log౵ੌਸ ా೧ࢲ Ѩ୹
- MSDN KB Q268343ਸ ଵઑ
Gflag
- Heap Corruptionߊࢤ(HEAP ҃҅ࢶನೣ)द debuggerܳ ഐ୹
- Memory leak੼Ѩदب umdh৬ э੉ ࢎਊ
- ೧׼ image fileী ؀ೠ ੿ࠁо registryী ӝ۾غয ೧׼ image file੄ heap࢚కܳ хद
- Gflags ࣇ౴ೞӝ
1. GUIীࢲ
- Image file nameী хदೡ image file ੉ܴ ੑ۱
- Image file options ࢶఖ
- Enable heap tail checking ࢶఖ
- Enable heap free checking ࢶఖ
- Enable page heap ࢶఖ
- Create user mode stack trace database ࢶఖ
1. Consoleীࢲ
>> gflags –i [IMAGE_FILE_NAME] +htc +hfc +hpa +ust
2. WinDBGܳ Default debugger۽ ࣇ౴ೠ׮ (ex. >> windbg –I)
3. Image ౵ੌ ҳز
7. Memory Leak/Corruption

View Slide

7. Memory Leak/Corruption (Con’t)
DEBUGGING
TOOL
AND
SYMBOL
Boundschecker
- 3rd party ઁಿ (Compuware)
- ڪযդ ࢿמҗ ܻನ౴ ӝמ
- Goooooooooood
PMON, Leakdiag
- PMON਷ NT Resouce kitী ੓਺
- Leakdiagח ই૒ ߓನ౸਷ হҊ ߬ఋߡ੹੉׮. .NET Platformীࢲ جইх
(bin\tools\leakdiag)

View Slide

DEBUGGING
TOOL
AND
SYMBOL
Crash Finder
- Second chance exceptionदী Crash઱ࣗ৬ Map౵ੌਸ ੉ਊೞৈ
ࣗझۄੋ ਤ஖ܳ ౵ঈೡ ࣻ ੓਺
- Debugging Applications(John Robbins)ী ನೣ
8. Etc Tools

View Slide

Demo
9. WinDBG Useful Command
WinDBGীࢲ ੜ ࢎਊغח Command੄ ؀ೠ ੿ࠁ ੉ݴ WinDBG੄ MSDN Helpੋ Using Debugging Tools for
Windowsܳ ଵҊೞח Ѫ੉ о੢ જ׮.
k” Command
- “k”: അ੤ ॳۨ٘੄ Stack Frame ੿ࠁܳ ࠁৈળ׮. അ੤ Stack Frame࢚੄ ೣࣻ੉ܴب ࠁৈ
ળ׮
- “kb”: Stack Frameীࢲ DWORDഋక੄ ౵ۄ޷ఠ 3ѐ੄ чਸ ࠁৈળ׮.
- “kv”: FPOؘ੉ఠܳ ࠁৈળ׮.
- “kd”: അ੤ Stack Frame࢚੄ Stack ؘ੉ఠܳ DWORD௼ӝ݅ఀঀ ૢۄࢲ ࠁৈળ׮.
- “kv”: Stack Frame чਸ ࠁৈળ׮.
"ln" Command
ݺदೠ ઱ࣗ৬ о੢ оө਍ Symbol ؘ੉ఠܳ ࠁৈળ׮. l+lਸ ࢎਊೞݶ ࣗझۄੋ ੿ࠁо ੓ਸ
҃਋ э੉ ୹۱
"lm" Command
അ੤ ۽٘ػ ݽٕ੄ ੿ࠁܳ ࠁৈળ׮.
"dv" Command
അ੤ Stack Frame੄ ۽ஸ߸ࣻ੄ ੉ܴҗ чਸ ࠁৈળ׮.
"dt" Command
"dt [DATANAME]" : [DATANAME]੄ чਸ ࠁৈળ׮.
“dt g_CurrentTag” : ੹৉߸ࣻ g_CurrentTag੄ чਸ ࠁৈળ׮
“dt dbgexe!g_pFileList –r5” : g_pFileListо Linked-list੄ ҃਋ োѾػ ҳઑܳ ࠁৈળ׮

View Slide

Demo
9. WinDBG Useful Command (Con’t)
"d" Command
"da" : ANSI ޙ੗ৌ ഋక۽ чਸ ࠁৈળ׮.
"db" : BYTE ഋక۽ чਸ ࠁৈળ׮.
"dc" : ೧׼઱ࣗ੄ ௏٘чਸ ࠁৈળ׮.
"dd" : DWORDഋక۽ чਸ ࠁৈળ׮.
"dw" : WORD or Unicode ޙ੗ч ഋక۽ чਸ ࠁৈળ׮.
"x" Command
ݽٕী ؀ೠ ੿ࠁܳ ௪ܻ ೡ ࣻ ੓׮. x [MODULENAME]![*, ޙ੗ৌ]ਸ ೞݶ ೧׼ೞח ݽٚ ੿ࠁ
ܳ ࠁৈળ׮.
- "x *!" : ݽٚ ݽٕী ؀ೠ ੿ࠁܳ ࠁৈળ׮.
- "x User32!MB*" : User32.dllݽٕীࢲ MB۽ द੘ೞח ݽٚ ੿ࠁܳ ࠁৈળ׮.
"u" Command
೧׼ೞח ઱ࣗ੄ ীࣅ࠶ܻ ௏٘ܳ ࠁৈળ׮.
- "u 0143ff3c" : 0143ff3cࠗఠ੄ যࣅ࠶ܻ ௏٘ܳ ࠁৈળ׮.
- "u eip" : അ੤ Instruction Poirterࠗఠ੄ যࣅ࠶ܻ ௏٘ܳ ࠁৈળ׮.
"g" Command
അ੤ ॳۨ٘ܳ ز੘ दఅ׮. ॳۨ٘ܳ ૑੿ೡ ࣻب Start,Break઱ࣗܳ ݺद ೡࣻب ੓׮.
"r" Command
അ੤ Context੄ Register੿ࠁܳ ࠁৈળ׮
".logopen", ".logappend", ".logclose" Command
അ੤ WinDBG Commandହী ࠁৈ૑ח ݽٚ ղਊਸ ӝ۾ೠ׮. пп ࢜۽ࢤࢿ, ؔࠢৈӝ۾ೞӝ,
౵ੌײӝ੄ ӝמਸ ೠ׮.

View Slide

Demo
"p" Command
Step over routine, ೣࣻܳ Ӓր ഐ୹ೞৈ ૓೯ೠ׮.
"t" Command
Step into, ೣࣻ ഐ୹द ఐ࢝ೞৈ ٜযоࢲ ௏٘ ૓೯
“~” Command
Threadܳ ਤೠ ௏ݔ٘
“~.” അ੤ ॳۨ٘ܳ ૑டೠ׮.
“~*” ݽٚ ॳۨ٘ܳ ૑டೠ׮.
“~#” Exception੄ ਗੋੋ Threadա debug eventܳ ߉਷(ੋఠۣ౟, dump) thread
“~Number” ೧׼ೞח ߣഐ੄ Threadܳ ૑டೠ׮.
"~# s" #ߣഐ੄ Threadܳ അ੤ debug࢚క۽ ࣇ౴ೠ׮.
׮ܲ command৬੄ ઑ೤ب оמೞ׮.
"F", "Z" Command
೧׼ ॳۨ٘ܳ Freeze/Unfreezeೠ׮.
"?" Command
16૓ࣻчਸ ֍ਵݶ 10૓ࣻ = 16૓ࣻ੄ чਸ ࠁৈળ׮.
ex)
0:001> ?10
Evaluate expression: 16 = 00000010
0:001> ?00000010
Evaluate expression: 16 = 00000010

View Slide

Demo
".dump" Command
അ੤ ٣ߡӦ ࢚కীࢲ dumpܳ ٜ݅ࣻ ੓׮. /cח ࠗоࢸݺ୶о /fח ಽ ݫݽܻ ؒ೐, /m਷
minidumpࢤࢿਸ ڷೠ׮.
ex)
.dump /cm c:\d.dmp
".ecxr" Command
Exceptionٸ੄ Contextী ؀ೠ ੿ࠁܳ ࣇ౴ೠ׮. dump࠙ࢳदী ߈٘द AVо դ Context۽ ࣇ
౴೧ঠೠ׮.
"!sym"
Symbol۽٬җ ೐܁೐౟ ഋకܳ ઁযೠ׮.
"!sym noisy" Symbol۽٬दী ۽Ӓܳ ࠁৈળ׮.
"!analyze"
അ੤ Exceptionী ؀ೠ ܻನ౴ਸ ࠁৈળ׮.
"!analyze -v" : Exceptionী ؀ೠ ੿ࠁܳ ܻನ౴ ೧ࢲ ࠁৈળ׮.

View Slide

Demo
“bp”, “bm”, “bl”
Live debuggingदী break pointܳ Ѥ׮.
ex)
0:000> bp exception_func
0:000> bl
0 e 004011e7 0001 (0001) 0:*** DbgSample2!exception_func
0:000> bl
0:000> bm dbgsample2!set*
2: 00413c00 DbgSample2!setSBCS
3: 00413c80 DbgSample2!setSBUpLow
4: 004010b0 DbgSample2!set_data
0:000> bl
1 e 00413c00 0001 (0001) 0:*** DbgSample2!setSBCS
2 e 00413c80 0001 (0001) 0:*** DbgSample2!setSBUpLow
3 e 004010b0 0001 (0001) 0:*** DbgSample2!set_data

View Slide

Demo
10. Demo
Dump Catch Setting
- WinDBG
1. Attach Proecss١ Debugging઺ী “.dump /mc c:\dump.dmp
- User process moitor
- ݽפఠ݂
1. ઁয౸ীࢲ Process Dumpܳ ࢶఖ
2. New -> Application ੉ܴ ੑ۱(ഛ੢੗ө૑, ӡ੉ઁೠ੓਺)
3. Rulesܳ ࢶఖೞҊ যڃ Default഑਷ ਗೞח Exceptionҗ dump҃۽
ܳ ࢶఖ)
4. First chance exceptionী ߈਽ೠ׮.
- ࣻز
1. userdump [PROCESS_NAME] [DUMPFILENAME].dmp
- Dr. Watson
1. ௑ࣛীࢲ drwtsn32 –i ۽ default debugger۽ ࣇ౴ೠ׮.
2. ׮द drwtsn32ܳ ੑ۱ೞৈ Dr. Watsonਸ प೯ दఅ׮.
3. .log, .dmp౵ੌਸ ࢶఖೞҊ ਗೞח ز੘ਸ ࢶఖೞҊ ࣇ౴ೠ׮.
4. Second chance exceptionী ߈਽ೠ׮.
\lab\DbgSample1 ࢠ೒ਸ ଵҊೠ׮.

View Slide

Demo
10. Demo (Con’t)
Post-Mortem Debugging with Dump file
ੌ߈੸ੋ Exceptionੋ ੜޅػ ݫݽܻ ଵઑ੄ ҃਋੄ Dump ౵ੌী ؀
೧ࢲ Post-Mortem Debuggingਸ ೧ࠄ׮.
1. ௿ۄ੉঱౟ীࢲ Symbol, Image, code ౵ੌ ٜ݅ӝ
1-1 Releaseߡ੹੄ Project Setting ׮੉঴۽Ӓܳ ڪ਍׮. (Alt + F7)
1-2 C/C++ చ੄ General ஠పҊܻ ࢶఖ
1-3 Dubug Infoܳ Program Database۽ ࢶఖ
1-4 Listing Files ஠పҊܻ ࢶఖ
1-5 Listing file typeਸ Assembly, Machine, Code and Source۽ ࢶఖ (҃۽ࢶఖ)
1-6 Project Optionীࢲ /Oy-ܳ ੑ۱ (ઁ؀۽ػ Stack੿ࠁܳ ঳ਵ۰ݶ ೙ࣻ, FPO)
1-7 Linkచ੄ General ஠పҊܻ ࢶఖ
1-8 Generate debug info ୓௼
1-9 Cutomize஠పҊܻ ࢶఖ
1-10 Use program database ୓௼, *.pdb౵ੌੑ۱
1-11 Debug ஠పҊܻ ࢶఖ
1-12 Generate mapfile ୓௼, Debug info୓௼, Microsoft format ୓௼
1-13 Project Optionীࢲ /RELEASEੑ۱ (Checksum), Link Imcrementally৬ ഐജউؽ

View Slide

Demo
10. Demo (Con’t)
Post-Mortem Debugging
2. Dump catch (Crash!)
2.1 1ߣҗ э੉ ࣇ౴ೠ /lab/DbgSample2੄ प೯౵ੌਸ प೯दெ Dump Catcherܳ ా೧ࢲ
dumpܳ ੘ࢿೠ׮.
3. WinDBGࣇ౴
3.1 WinDBGܳ ҳزೠ׮.
3.2 .dmp(Dump౵ੌਸ)ਸ ো׮. (Open crash dump)
3.3 Symbol path, Source path, Image File path੄ ੿ࠁܳ ࣇ౴ೠ׮. - Symbol
Pathীח *.pdbо ੓ח ҃۽৬ ੋఠ֔ਸ ా೧ Windows੄ Symbolਸ ߉ਸ ࣻ ੓ח ই ې ҃۽ܳ ࣇ౴ೠ׮.
path: SRV*[STORAGE PATH]*http://msdl.microsoft.com/download/symbols

View Slide

Demo
10. Demo (Con’t)
4. Symbol۽٬җ Ѩࢎ
4.1 Symbol Pathܳ ࣇ౴റ
4.2 >> !sym noisyܳ ࣇ౴ೞৈ Symbol ۽٬۽Ӓܳ ࠁѱ ೠ׮.
4.3 >> .reload ೞৈ ੹୓ ݽٕ੄ Symbolਸ ׮द ۽٬ೠ׮.
4.4 >> ۽Ӓܳ ా೧ ઁ؀۽ Symbol੉ ۽٬ غ঻ח૑ Ѩࢎೠ׮.
5. Exception reportࠁӝ
5.1 >> .ecxr ਸ ా೧ࢲ exceptionী ؀ೠ contextܳ ࣇ౴ೠ׮.
5.2 >> !analyze –vܳ ా೧ࢲ exceptionী ؀ೠ ੿ࠁܳ ࠄ׮.

View Slide

Demo
10. Demo (Con’t)
6. Stack/੹৉/૑৉/౵ۄ޷ఠ ੿ࠁ ഛੋೞӝ
6.1 “k” ݺ۸ਸ ా೧ࢲ Stackਸ ഛੋೠ׮.
6.2 Stack Frameчҗ dd ݺ۸ਸ ੉ਊೞৈ ౵ۄ޷ఠ чਸ ഛੋೠ׮.
- ୐ߣ૩ ౵ۄ޷ఠܳ ࠅٸח ebp + 8ਸ ೧ঠೠ׮. DWORD੄ returnч੉ ٜয ੓׮.
6.3 “dt”, “d” ݺ۸ਸ ੉ਊೞৈ ߸ࣻ੄ ੿ࠁܳ ഛੋೠ׮.

View Slide

Demo
10. Demo (Con’t)
7. ࠗо੿ࠁഛੋ
7.1 “lm” ݺ۸ਸ ࢎਊೞৈ ۽٬ػ ݽٕਸ ഛੋೠ׮.
7.2 “ln” ݺ۸ਸ ࢎਊೞৈ ೧׼ ઱ࣗ৬ о੢ оө਍ Symbom(ೣࣻݺ)ਸ ࠁৈળ׮.
- dll੄ ҃਋ীח Optimize২࣌ਸ ࢎਊೞ૑ ঋਵݶ PE౵ੌ੄ Import section੿ࠁ৬ IAT(Import
Address Table)੿ࠁܳ ੉ਊ೧ࢲ ೣࣻݺҗ offset੄ ੿ࠁо աৡ׮.

View Slide

Demo
10. Demo (Con’t)
7.3 “ln”җ .cod౵ੌ۽ Exception code଺ইղӝ
Crashػ Exception઱ࣗ৬ .pdb੄ Symbol౵ੌҗ .cod౵ੌ੉ ੓ח ҃਋ Exception੉ ੌযդ
Codeܳ ଺ਸ ࣻ ੓׮.
a. Image fileҗ э੉ ࢤࢿػ .pdb(Symbol file)/.cod ౵ੌਸ ળ࠺
b. Image fileਸ Attach/Open Excutable۽ WinDBG৬ э੉ ҳزदఅ׮.
c. "ln"ݺ۸җ Crashդ ઱ࣗ۽ ೧׼ ௏٘ܳ о૑Ҋ ੓ח ೣࣻܳ ଺ח׮.
d. ೧׼ ݽٕղ੄ ೣࣻ੄ ઱ࣗ৬ Crash઱ࣗ੄ ରܳ ҅࢑ೞৈ .cod౵ੌীࢲ ೧׼ प೯௏٘ܳ
଺ח׮.
c.Crash address: 0x40156eੋ҃਋, ln 0x40156e۽ ׮਺੄ Ѿҗܳ ঳ח׮.
d. .cod౵ੌীࢲ ೣࣻ exception_func੄ ௏٘ द੘ ઱ࣗੋ 0x001e7ী offsetੋ 0x387ਸ ؊ೞݶ
0x0056eۄח ઱ࣗчਸ ঳ਸ ࣻ ੓חؘ ੉ܳ .cod౵ੌীࢲ ࠁݶ ࣗझ௏٘ 151ۄੋীࢲ ޙઁо ࢤ҂׮חѪਸ ঌ
ࣻ ੓׮.
0:000> ln 0x0040156e
(004011e7) DbgSample2!exception_func+0x387 | (0040168d) DbgSample2!main

; 103 : void exception_func(int param1) {
001e7 55 push ebp
001e8 8b ec mov ebp, esp

; 151 : cout << "insert data, count: " << g_nCrashCnt << ", idx: " << pCrash->idx << " …
00566 68 00 00 00 00 push OFFSET
0056b 8b 45 f8 mov eax, DWORD PTR _pCrash$[ebp]
0056e 8b 48 04 mov ecx, DWORD PTR [eax+4]

View Slide

Demo
10. Demo (Con’t)
Post-Mortem Debugging with MAP
- Windows98١ীࢲ Exceptionद ઱ࣗ݅ਵ۽ ࣗझۄੋਸ ଺חߨ
(Book: Debugging ApplicationsଵҊ)
- ૒ҙ੸ੋ AV݅ਸ ঌࣻо ੓׮ (Call stack traceࠛо)
1. MAP౵ੌ ࢤࢿ
1-1 Linkచ੄ Debug஠పҊܻীࢲ Generate map file ୓௼, Project optionী
/MAPINFO:EXPORTS /MAPINFO:LINESਸ ੑ۱
1-2 Rebuild ೠ׮.
1-3 MAP౵ੌਸ ৌয “Preferred load address is 00400000” ী 00400000੄ чਸ ӝরೠ׮
1-4 Exceptionդ ઱ࣗ(৘ܳ ٜয 0x00401535)ܳ BASE(ਤ੄ ч) + RVA(relation vertual
address) ࣂ࣌ীࢲ оө਍ ࠗ࠙ਸ ଺ח׮. ೣࣻ ઱ࣗ৬ ઱ࣗ ࢎ੉ী ਤ஖ೠ׮.
1-5 Sample code࢚ਵ۽ࠁݶ (lab\DbgSample3੄ Access Violation ߡౡ ௿ܼ!)
0001:00000523 ?Test6_AV@@YAXXZ 00401523 f DbgSample3.obj
׮਺ ௏٘о 0x00401535ܳ ನೣೞҊ ੓׮.
1-6 ࣗझۄੋਸ ঳ӝ ਤ೧ࢲ ׮਺੄ ҕधਵ۽ 16૓ࣻ ҅࢑ਸ ೠ׮
[CRASH ADDRESS] – [PREFERRED LOAD ADDRESS] – 0x1000(PE ೻؊ч)
Ӓ۞ݶ
0x00401535 – 0x00400000 - 0x1000 = 0x535

View Slide

Demo
10. Demo (Con’t)
1-7 ׮਺੄ Line number ࣂ࣌ীࢲ
for .\Debug\DbgSample3.obj(C:\Testcode\lab\DbgSample3\DbgSample3.cpp)
segment .text
҅࢑ػ 0x535ܳ ֈ૑ ঋח о੢ оө਍ ۄੋਸ ଺ਵݶ ׮਺җ э׮
“ 175 0001:00000535 “
૊ DbgSample3.cpp੄ 175ۄੋ੉׮.
1-8 CrashFinderܳ ࢎਊೞݶ рױ൤ ঌইյ ࣻ ੓׮.

View Slide

Demo
10. Demo (Con’t)
Interactive Debugging
MSDEVীࢲ debuggingೞחѪҗ э੉ प೯दఃѢա प೯
઺ੋ Processܳ debuggingೠ׮.
1. Live debugging
1-1 Open Excuteableਸ ࢶఖೞৈ प೯ೡ Image౵ੌਸ ࢶఖೠ׮.
1-2 WinDBG ݺ۸ਸ ా೧ࢲ ӝઓ MSDEVীࢲ৬ э਷ debuggingਸ दبೠ׮.

View Slide

Demo
10. Demo (Con’t)
2. Attach Process Debugging
1-1 ӝઓী प೯઺ੋ Processী ੋఠۣ౟ܳ Ѧযࢲ debuggingਸ दبೠ׮.
1-2 Attach to Processܳ ࢶఖೞҊ ਗೞח Processܳ ࢶఖೠ׮.
1-3 debuggingਸ द੘ೠ׮.

View Slide

Scenario
Demo
10. Scenario Demo
1. Hang
Deadlock, High CPU Utilization, ١ী ੄ೠ Application੄ ݥ୺࢚కܳ Debugging ೠ׮.
1-1 Deadlock
Deadlock੄ ҃਋ח Process࢚੄ ݽٚ Thread੄ ࢚కܳ dumpܳ ٜ݅য Critical section١੄
زӝച ё୓ী ؀ೠ Thread߹੄ ੽Ӕਸ ࠙ࢳਸ ೧ঠ ೠ׮.
Dump catcherܳ ా೧ࢲ dumpо ೙ਃ ೡ ҃਋ ৈ۞ߣ dumpೞৈ ௏٘૓೯ਸ Ѩష೧ঠ ೠ׮
- adpulsܳ ࢎਊೞח ҃਋
adplus – hang –PN [PROCESS_NAME] –o [OUTPUT DIR]
- “~” ݺ۸ਸ ా೧ࢲ п Thread੄ Call stackਸ ଵҊೞৈ Bugܳ ࣻ੿ೠ׮.
- Kernel زӝച APIٜਸ Hookingೞৈ ߹ب੄ reportೞח ߑߨب ੓׮ (Debugging Application
੄ DeadlockDetectionଵҊ)

View Slide

Scenario
Demo
10. Scenario Demo
1-2. High CPU Utiliation (Spinning Thread, 100% CPU)
- ݣ౭ ॳۨ٘੄ ҃਋ী ೠ ॳۨ٘о CPUܳ ة੼ೞҊ ੓ח ҃਋ Ӓ ॳۨ٘৬ ೧׼ೞח ௏٘
ܳ ଺ח ৘ઁ੉׮. ইې੄ ࣽࢲী ٮۄ stepਸ ߍই ࠁ੗.
- ௑ࣛীࢲ perfmonਸ ੑ۱ೞৈ Performance Monitorܳ ҳزೠ׮.
- ࢿמ ۽Ӓ߂ ҃Ҋ(Performance Logs and Alerts)ܳ ࢶఖೞৈ ೞਤݫ׏ܳ ো׮
- ஠਍ఠ ۽Ӓ(COunter Logs)ܳ য়ܲଃ ݃਋झܳ ࢶఖೞৈ ࢜ ۽Ӓ ࣇ౴(New Log Setting)
ਸ ೠ׮.
- ୶о(Add)ܳ ־ܰҊ ׮੉঴۽Ӓо ڰݶ
- ݽٚ ஠਍ఠ(All Counters)৬ ݽٚ ੋझఢझܳ ࢶఖೞҊ
- ࢿמѐ୓(Performance Object)ীࢲ Process, Processor, Threadܳ
ಽ׮਍ ݫ׏ীࢲ пп ࢶఖೞৈ ೞաঀ ୶о(Add)റ ײӝ(Close)ܳ ־ܲ׮.
- ࢠ೒ рѺ(Interval)ਸ 1۽ ࣇ౴ೠ׮.

View Slide

Scenario
Demo
10. Scenario Demo
- ۽Ӓ౵ੌ ҃۽ܳ ࣇ౴ೠ׮. ӒܻҊ ഛੋਸ ־ܲറ ੘زਸ दఅ׮.
- ৘ઁ೐۽Ӓ۔ DbgSample3ܳ ҳزೞৈ CPUо 100%੼ਬػറ ೠزউ ӝ׮ܽ׮.
- Dump catcher۽ ೧׼ ೐۽Ӓ۔੄ dumpܳ ڲ׮.
- Performance Monitor੄ ੘সਸ ઺૑ೠ׮.
- ׮द Performance Monotor੄ दझమ ݽפఠ(System Monitor)ܳ ࢶఖೠ׮
- ۽Ӓ౵ੌ ؘ੉ఠ ࠁӝ(View log data file)ա য়ܲଃ ݃਋झܳ ־ܲറ ١۾੿ࠁ (Properties)
੄ Soruceచ੄ ੿ࠁܳ ೧׼ ۽Ӓ౵ੌ(.blg)ਸ ੍য ٜੋ׮.
- ో߄੄ + ߡౡਸ ௿ܼೞৈ ܻನ౴ೡ ೦ݾਸ Ҋܲ׮.
- ࢿמ ѐ୓(Performance Object)ীࢲ Processܳ ࢶఖೞҊ ஠਍ఠ(Counter)ীࢲ
% Processor Time, ੋझఢझ(Instance)ীࢲ ࢠ೒೐۽Ӓ۔੄ ੉ܴਸ ଺ই ୶о(Add)ܳ
ׂ۞ ೧׼ ೐۽Ӓ۔੄ Process ࢚కܳ ࠄ׮.
- ୶о۽ ࢿמ ѐ୓(Performance Object)ীࢲ Threadܳ ࢶఖೞҊ ஠਍ఠ(Counter)ীࢲ
% Processor Time, ID Threadܳ ࢶఖೞҊ ੋझఢझ(Instance)ীࢲ ࢠ೒೐۽Ӓ۔੄ Threadܳ
ݽف ࢶఖೠ റ ୶о(Add)ܳ ־ܰҊ ܻನ౴ਸ Ѩࢎೠ׮.

View Slide

Scenario
Demo
10. Scenario Demo
- Ӓ઺ীࢲ % Processor Time੉ ֫਷ Threadܳ ଺ח׮.
- dump౵ੌਸ WinDBGী ৌয “~”ݺ۸যܳ ాೞৈ ݽٚ Thread ࢚కܳ ࠄ׮.
- Performance Moitorীࢲ ID৬ WinDBGীࢲ ݏח Thread੄ ߣഐܳ ଺ח׮.
0 id : [PROCESS_ID] : [THREAD_ID]۽ غয ੓ਵݴ ? ݺ۸ਸ ా೧ࢲ 16૓ࣻ
ܳ 10૓ࣻ۽ ഛੋೠ׮.
- “~” ݺ۸ਸ ా೧ࢲ п Thread੄ Call stackਸ ଵҊೞৈ Bugܳ ࣻ੿ೠ׮.

View Slide

Scenario
Demo
10. Scenario Demo
1. Heap Corruption
- ࠁా੄ ҃਋ী ݫݽܻী ೡ׼ػ ௼ӝܳ ߩযդ রࣁझо ੌযզ ҃਋੉׮.
- Exception਷ ੌযա૑ ঋਸࣻ ੓૑݅ ۽૒੸ਵ۽ ޙઁܳ ੌਵఃѢա बпೠ ҃਋ীח
೐۽Ӓ۔੄ ࠺੿࢚ ઙܐ۽ ੉য૑Ѣա য়ز੘ਸ ೞѱ ػ׮.
- ഑਷ ׮਺җ э਷ ҃Ҋହਸ ࠁѢա debugݽ٘दী heap checkীࢲ ASSERTହ੉ ڰӝبೠ׮.
- heap੄ ҃਋ Corruption੉ ੌযդ द੼ীࢲ Exeption੉ աח Ѫ੉ ইפۄ. ೧ઁೡ ٸ(free,
delete)ա Corruptionդ ҳ৉ਸ ׮द ੤ೡ׼ ೡٸ Exception੉ թਵ۽ Bugܳ ଺ӝо য۵׮.
- heapী ؀ೠ errorח appendix\src\heap_error੄ ࣗझܳ ଵҊೞݶػ׮.

View Slide

Scenario
Demo
10. Scenario Demo
- ׮਺ Stepਸ ߍই ࠁ੗.
- gflagsܳ ҳزೠ׮.
- Memory Leak/Corruptionਸ ଵҊೞৈ ׮਺җ э੉ ࣇ౴ೠ׮.
- WinDBG/Dr. Watsonਸ Default Debugger۽ ١۾ೠ׮.
ର੉ח WinDBGח ߄۽ Interactive debugging੉ оמೞҊ Dr.Watson਷ dumpܳ ӝ۾ೠ׮.
- /lab/DbgSample3.exeܳ ҳزೠ׮.
- “Heap Corruption (free)” ܳ ௿ܼೠ׮.
- ࢤࢿػ dumpա WinDBG۽ debuggingਸ द੘ೠ׮.

View Slide

Scenario
Demo
11. Scenario Demo
1. Stack Corruption
- Stack Corruption਷ Overflow١ী ੄೧ࢲ EBP١੄ Stack Frame ੿ࠁо ౣয૑ח അ࢚
- য೒ܻா੉࣌੉ Crashо զࣻب ੓ਵݴ ઁ؀۽ جই о૑ ঋਸ ࣻب ੓׮.
- Debugging ߑߨ਷ EBP/ESP١੄ чਵ۽ ୶ܻೞৈ backtraceܳ ೧ঠ ೠ׮.
- ցޖ ষೞݶ dumpܳ ੉ਊೠ Post-Moterm debuggingীࢲח ইޖѪب ଺ਸ ࣻ হਸ ҃਋о
੓׮.
- Compuware੄ BounceCheckerܳ ࢎਊೞחѪਸ ӂ੢

View Slide

Appendix
Debugging in WIN32 Application [email protected] 2
12. Reference
Books
౵Ҧ੄ ҟ೟
Programming Application for windows 4th
Debugging Applicaiton
Windows 32bit User Mode Debugging(ࣁ޷ա੗ܐ)
Undocumented Windows 2000 Secrets
Documents
.\doc ಫ؊ উ੄ ޙࢲٜ
Website
A Crash Course on the Depths of Win32™ Structured Exception Handling
http://www.microsoft.com/msj/0197/Exception/Exception.aspx
First and Second Chance Exception Handling
http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q10
5/6/75.asp&NoWebContent=1
SEH (Structured Exception Handling)
http://www.microsoft.com/msj/0597/hood0597.aspx
http://www.microsoft.com/msj/0497/hood/hood0497.aspx
http://msdn.microsoft.com/msdnmag/issues/01/09/hood/default.aspx
Microsoft Debugging Tools
http://www.microsoft.com/ddk - windbg, cdb, glags
http://support.microsoft.com/default.aspx?scid=kb;en-us;241215 – user process monitor
Microsoft Debugging Tools Knowledge Base Articles
http://www.microsoft.com/whdc/devtools/debugging/DBG-KB.mspx
Q268343 Umdhtools.exe: Umdh.exeܳ ࢎਊೞৈ ݫݽܻ ־ࣻܳ ଺ח ߑߨ
http://support.microsoft.com/?kbid=268343

View Slide

Appendix
12. Reference (Con’t)
Website
Microsoft Debugging Tools Knowledge Base Articles
http://www.microsoft.com/whdc/devtools/debugging/DBG-KB.mspx
Symbol Package Download
http://www.microsoft.com/whdc/ddk/debugging/symbolpkg.mspx
Windows Debuggers: Part 1:A WinDBG Tutorial
http://codeproject.com/debug/windbg_part1.asp
HOW TO: Use ADPlus to Troubleshoot "Hangs" and "Crashes"
http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/q286
/3/50.asp&NoWebContent=1
dbghelp.dll Debugging Functions
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/debug/base/isdebuggerpresent.asp
Using the Windbg Debugging Tool
http://www.winnetmag.com/Article/ArticleID/21217/21217.html
PDB߂ DBG౵ੌ - ౵ੌ ੿੄ ߂ ੘ز ߑߨ
http://support.microsoft.com/default.aspx?scid=kb;KO;121366
Common Object File Format (COFF)
http://support.microsoft.com/default.aspx?scid=kb;en-us;q121460
http://www.delorie.com/djgpp/doc/coff/

View Slide

Appendix
12. Reference (Con’t)
Website
Peering Inside the PE: A Tour of the Win32 Portable Executable File Format - Matt Pietrek
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dndebug/html/msdn_peeringpe.asp
.dbg ౵ੌী ؀ೠ under the hood ணۢ
Visual C++ Project Settings and .DBG File Creation
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q216356
What are .pdb And .dbg Files?
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vccore98/html/
_core_what_are_..pdb_and_..dbg_files.3f.asp
Cracking PDB Symbol Files
http://www.informit.com/articles/article.asp?p=22429
INFO: PDB and DBG Files - What They Are and How They Work
http://support.microsoft.com/default.aspx?scid=kb;en-us;q121366
Generating and Deploying Debug Symbols with Microsoft Visual C++ 6.0
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnvc60/html/gendepdebug.asp
INFO: Use the Microsoft Symbol Server to Obtain Debug Symbol Files
http://support.microsoft.com/default.aspx?scid=kb;EN-US;311503
HOW TO: Use a Symbol Server with the Visual Studio .NET Debugger
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q319037
Under the Hood: Improved Error Reporting with DBGHELP 5.1 APIs - *** Callstack
http://msdn.microsoft.com/msdnmag/issues/02/03/hood/default.aspx
XCrashReport : Exception Handling and Crash Reporting - *** MiniDump
http://www.codeproject.com/debug/XCrashReportPt4.asp

View Slide

Appendix
13. Appendix
WIN32 Debuggingदী ೙ਃೠ ૑धٜ
WIN32 Assembly
Calling Conversion
WIN32 Processes & System
Folder ࢸݺ
\root
\bin\tools: debugging tool
\doc: ଵҊޙࢲٜ
\etc\dbginfo: codeview/pdb/coff١ਸ ನೣೠ Image౵ੌҗ Debug੿ࠁܳ ࡒ ౵ੌٜ
\lab
\DbgSample1: SEH৬ Dump catcher(debugger)੄ ز੘ ݽणਸ ࠁৈષ
\DbgSample2: ੌ߈੸ Crash࢚ীࢲ ٣ߡӦߨ
\DbgSample3: Threadݽ٘
\ViewSEH: SHE੄ ز੘
\IE_Exception, IE_Exception_Dump١਷ WERࢲ࠺झ ࢸݺ
\src
\CrashHandler.JohnRobbins: ImgeHelperܳ ੉ਊೠ CallStack Tracer
\DbgExe: MS Debug ࣁ޷աী ੓ח Exceptionղח ࢠ೒ ౵ੌ
\heap_error.rp: heapী ҙ۲ػ ী۞ ா੉झо ٚ ࢠ೒ ౵ੌ
\MiniDumper.rp: Call Stack Tracer, MiniDump١੄ Exception੿ࠁ ୹۱
\Stack.ѱ: Stackҗ EBP/ESP੄ ؘ੉ఠ ੉زਸ ঌ ࣻ ੓ח ࢠ೒ ౵ੌ
\TestExceptionHandler.MattPietrek: dllhelpਸ ੉ਊೠ Call Stack Tracer
\XCrashReportPt4.CodeProject: MiniDumpܳ ݅٘ח ࢠ೒ ௏٘

View Slide

End
14. End
ࣻҊೞ࣑णפ׮.
૕੄਽׹਷ হणפ׮.

View Slide

Win32 Post-Mortem Debugging for Begginer

Win32 Post-Mortem Debugging for Begginer

Jimmy Moon

More Decks by Jimmy Moon

Other Decks in Programming

Featured

Transcript