Open in app

Sign in

Write

Sign in

Home

Library

Stories

Stats

Mastodon

Mastering Remote Debugging

Anmol Sehgal

--

Introduction

Imagine you’re working on a critical application, but it’s running in an environment miles away — on a server, a cloud instance, or another remote machine. You need to debug it, but you can’t simply run the code locally. Remote debugging is your solution: it enables you to interact directly with an application in its actual environment, where factors like configurations, network latency, and real data often differ from a local setup.

Remote debugging is the process of debugging an application running on a machine that is not the developer’s local environment, often over a network connection. Unlike local debugging, where code is executed and debugged on the developer’s machine, remote debugging involves connecting to the remote machine (whether it’s a server, container, or cloud instance) to interact with the application as it runs. This process is essential when applications are complex, sensitive, or behave differently in a remote environment due to differences in setup, databases, or network conditions.

Remote debugging enables developers to connect their local tools, such as IDEs, to the remote application. This allows them to inspect variables, set breakpoints, and step through code, just as if they were debugging locally.

Remote Debugging Components: A Glossary for the Journey

To effectively perform remote debugging, a number of components come into play. Let’s break these down from higher-level components to lower-level protocols and APIs.

IDE (IntelliJ IDEA)

The Integrated Development Environment (IDE) is the primary tool for debugging. In Java, IntelliJ IDEA offers built-in support for remote debugging, making setup straightforward. Here’s a quick setup guide for IntelliJ remote debugging:

  • Open the Run/Debug Configurations dialog.
  • Select Remote JVM Debug.
  • Set the host and port (e.g., localhost:5005).
  • Click Debug.

IntelliJ connects to the remote application, allowing you to inspect variables, step through code, and evaluate expressions as you would in local debugging. Other languages have remote debugging capabilities in IDEs like Eclipse (Java), Visual Studio Code (various languages), and PyCharm (Python).

Debugger

The debugger is the tool within the IDE that enables you to inspect, control, and troubleshoot a program’s execution. In IntelliJ, the debugger connects to the remote application via a debugging protocol like JDWP (Java Debug Wire Protocol), making it possible to debug applications running on other machines or cloud instances.

Breakpoints

Breakpoints are specific code locations where execution will pause, allowing you to inspect variables, view the call stack, and control code flow. IntelliJ’s advanced features, like conditional breakpoints, are essential for managing complex debugging sessions.

Remote Machine/Host

The remote machine, where the application is running, could be a server, VM, or containerized environment (e.g., Docker or Kubernetes). For Java remote debugging, the application needs to be started with the correct remote debugging options (e.g., -agentlib:jdwp) and the machine's firewall must allow connections to the designated debug port.

Remote Debugging Server

This server is a process on the remote machine that listens for debugging requests from the local debugger. In Java, this server is typically set up by starting the Java application with the JDWP agent, which listens on a specified port:

java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005 -jar your-app.jar

The JDWP agent enables the remote debugging server, allowing IntelliJ to connect to the application on the specified port.

For other languages, remote debugging tools are specific to the language and runtime. For example, Node.js uses --inspect to enable remote debugging, and Python can use remote-pdb or other debuggers with socket connections.

JVM

The JVM is the environment in which Java applications execute. When remote debugging is enabled, the JVM exposes APIs through the JDWP agent to interact with JVMTI (Java Virtual Machine Tool Interface), allowing inspection and modification of the application’s behavior.

Network Configuration (Ports, Firewalls, VPNs)

Configuring the network is critical. Ensure the debug port (e.g., 5005) is open and accessible from the local machine. You may need to modify firewall settings or configure VPNs to enable a secure connection. In cloud environments, port-forwarding may be needed to access the remote debugging port securely.

Security Considerations

Since remote debugging involves exposing a port, securing this connection is essential. Use protocols like SSL/TLS to protect the debugging session, and SSH tunnels to secure communication between the local debugger and remote application, especially in production environments.

Containerized Environments (Docker, Kubernetes)

Many applications now run in containerized environments. When debugging in Docker, for instance, you need to configure containers to allow debugging connections. For Kubernetes, you can use port-forwarding to route the debugging port from a container to your local machine:

kubectl port-forward pod/my-app 5005:5005

Technical Underpinnings of Remote Debugging

Java Platform Debugger Architecture (JPDA)

The JPDA is a framework that provides the foundational structure for debugging Java applications, especially when debugging across different machines (i.e., remote debugging). JPDA includes three main layers:

  1. Java Debug Interface (JDI)
  2. Java Debug Wire Protocol (JDWP)
  3. Java Virtual Machine Tool Interface (JVMTI)

Java Debug Interface (JDI)

JDI is the high-level Java-based API that IntelliJ and other Java debuggers use to interact with JDWP and JVMTI. It abstracts lower-level complexities, allowing the debugger to easily perform debugging actions, like setting breakpoints, accessing variable values, and stepping through code. JDI connects directly to JDWP, which relays commands to the JVM via JVMTI.

Java Debug Wire Protocol (JDWP)

JDWP is embedded in the JVM where the Java application is running. It is the low-level protocol responsible for data exchange between the debugger(usually your local IDE) and the remote JVM. It allows the debugger to issue commands like setting breakpoints, inspecting variables, and stepping through code. JDWP works over the transport protocol (usually dt_socket in remote setups) to send and receive debugging commands between the remote JVM and IntelliJ.

Transport Protocols

Java supports two main transport protocols for debugging:

  • dt_socket: Uses TCP/IP sockets, allowing remote debugging across a network. This is the standard for remote debugging, as it allows the JVM to listen for connections on a specific IP and port.
  • dt_shmem: Uses shared memory for debugging within the same host. This is less common in remote debugging but is used when both the debugger and the debuggee are on the same machine (typically for local debugging on Windows systems).

In remote debugging configurations, dt_socket is most commonly used as it provides cross-network compatibility.

Example Command with Transport Protocol:

java -agentlib:jdwp=transport=dt_socket,server=y,address=5005 -jar app.jar

JDWP Agent

The JDWP agent is a native library loaded into the JVM to enable remote debugging. When the JVM is started with the JDWP agent enabled (using the -agentlib:jdwp=... option), the agent is embedded into the JVM process itself, sharing the same memory space as the Java application. It interacts with the JVM’s internals, allowing it to capture the application's state, control execution (such as pausing and resuming threads), and interface with the JVMTI to process debugging requests from a remote debugger.

The JDWP agent also facilitates the transmission of debugging data over a specified communication channel, enabling the debugger to remotely monitor and control the application’s execution. Without the JDWP agent, remote debugging would not be possible.

Java Virtual Machine Tool Interface (JVMTI)

JVMTI provides native-level access to the JVM, enabling tools like debuggers and profilers to monitor and control the JVM’s behavior. It enables developers to track, control, and interact with the JVM’s inner workings, offering powerful insights into thread management, method execution, heap memory, and more.

At its core, JVMTI serves as a bridge between the JDWP agent and the JVM itself. When a debugger issues a command, such as setting a breakpoint, JDWP translates this into a corresponding JVMTI function call. For example, setting a breakpoint triggers a call to SetBreakpoint(). JVMTI then takes care of executing the necessary actions in the JVM.

In addition to basic operations like setting breakpoints, JVMTI provides a rich set of functions for more advanced interactions with the JVM, such as:

  • Thread Management: Monitoring the state of threads (suspended, running, or waiting).
  • Method Execution: Tracking when methods are called, entered, or exited.
  • Heap Memory Access: Inspecting object allocations, tracking memory usage, and even triggering garbage collection.
  • Exception Interception: Capturing and analyzing exceptions as they occur within the JVM.

When an event occurs — like a breakpoint being hit — the JVM triggers a JVMTI event (e.g., BreakpointHit()). JVMTI will suspend the thread at the breakpoint and notify JDWP. The JDWP agent then serializes this event data (e.g., thread ID, stack frame, variables in scope) and sends it back to the debugger. This interaction between JDWP and JVMTI is what allows remote debugging tools to effectively track and manipulate the JVM’s behavior.

Detailed Flow Example - setting a Breakpoint:

Let’s walk through the process of setting a breakpoint in a remote debugging session.

1. Debugger Request: User Sets a Breakpoint

  • The user initiates debugging in their IDE. For example, they set a breakpoint at the entry of a method or at a specific line of code.
  • The application is already running on a remote host, and the user wants to debug it remotely. The IDE is configured to connect to the remote JVM using remote debugging.
  • The IDE sends a JDWP command to the JDWP agent running on the remote JVM. The command looks something like:
    "Set breakpoint at methodName() in ClassName".

2. JDWP Agent Receives Command

  • The JDWP agent receives the debugger’s request to set the breakpoint and prepares to interact with the JVM.
  • JDWP then translates the received command into a JVMTI request. This request tells the JVM to set a breakpoint at the specified method or line number.

3. JDWP Calls JVMTI to Set Breakpoint

  • The JDWP agent calls the appropriate JVMTI function to set the breakpoint. This might be the SetBreakpoint() function.

4. Breakpoint Is Set in the JVM

  • JVMTI hooks into the JVM’s internals, registering the breakpoint in the appropriate place. The JVM is now prepared to pause execution when the breakpoint is hit.
  • The JVM adjusts its internal execution flow and marks the specified location where the program will stop. This could involve inserting special instructions or markers that the JVM can later recognize when it reaches that point.

5. Breakpoint Hit During Application Execution

  • As the remote application runs, the JVM reaches the breakpoint in the code. When this happens, the JVM triggers a JVMTI event (e.g., BreakpointHit()).
  • JVMTI suspends the thread at the breakpoint, halting execution right at the method entry or line number.
  • JVMTI notifies the JDWP agent that the breakpoint has been hit, triggering the next step in the debugging process.

6. JDWP Agent Processes the Event

  • The JDWP agent receives the BreakpointHit() event from JVMTI. It then serializes the event data—such as the thread ID, current stack frame, and variables in scope—into a format understood by the JDWP protocol.
  • The serialized data is packaged and sent back to the remote debugger (the IDE or command-line tool) over the network.

7. Debugger Receives the Event

  • The debugger (IDE) receives the event data sent by the JDWP agent. The IDE then processes this data and presents it to the user.

How Remote Debugging Works: A Deep Dive

When it comes to remote debugging, the underlying principles are the same as local debugging, but with an extra layer of complexity since the application is running on a different machine, potentially in a cloud or containerized environment.

Let’s explore step-by-step how remote debugging works to give you a clear understanding.

1. Setting Up the Remote Application for Debugging

The first step to enable remote debugging is configuring the remote application to accept debugging connections. This is done by adding specific options to the application startup command, which signals the JVM to enable debugging mode.

In Java, this is typically done by setting up the JDWP agent, which allows the JVM to “listen” for debugging connections from a remote machine.

Example command for starting a Java application with debugging enabled:

java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005 -jar your-app.jar

Breaking Down the Configuration

  • -agentlib: This option loads the JDWP agent library into the JVM. By enabling this, the JVM opens a communication channel (usually over a network) to allow for remote debugging. Without this option, remote debugging isn’t possible.
  • transport=dt_socket: Specifies the transport mechanism for communication. Using dt_socket allows communication over a TCP/IP socket, which is a networking mechanism that allows two devices (in this case, the remote debugger and the JVM) to communicate over the network. This transport is ideal for remote debugging across different machines.
  • server=y: Sets the JVM to act as a debug server. This means it will wait for a connection from a remote debugger (like your IDE). Setting server=n would configure the JVM to be a client instead, where it would attempt to connect to a debug server rather than wait for an incoming connection.
  • suspend=n: Determines whether the JVM should pause at startup until a debugger connects. If set to suspend=y, the JVM will suspend execution at startup and wait until a debugger connects. This is useful for debugging initialization code. If set to suspend=n, the application will start running immediately without waiting for a debugger.
  • address=*:5050: Specifies the network interface and port the JVM will use to listen for incoming debugger connections. Here: * means that the JVM will listen on all available network interfaces, making it accessible from any network the machine is connected to.
    5050 is the port number, which the debugger will need to connect to.

Other JDWP Configuration Options

  1. transport=dt_shmem: Uses shared memory for communication instead of a network socket. This is typically used on Windows for local debugging, as it allows faster communication without using the network stack.
  2. server=n: As mentioned, setting server=n configures the JVM to act as a client. In this case, the JVM will try to connect to a remote debugger instead of waiting for an incoming connection. This setup is less common in remote debugging but may be useful in advanced setups where the debugger listens on a particular port.
  3. address=<hostname>:<port>: This option allows specifying a hostname and port for the debugger connection. If server=y, the JVM will listen on the specified hostname and port; if server=n, the JVM will try to connect to the debugger at this address.
  4. onthrow=<class>: Pauses the JVM whenever an exception of the specified class is thrown. This is particularly helpful when debugging issues that consistently throw specific exceptions, as it automatically breaks at the point of failure.
  5. onuncaught=y/n: If set to onuncaught=y, the JVM will suspend execution whenever an uncaught exception occurs, making it easy to debug unexpected runtime errors.
  6. launch=<command>: This option executes a specified command when the debugger starts. It’s useful for launching custom scripts, initializing resources, or starting the debugger with specific configurations.
  7. timeout=<milliseconds>: Specifies the maximum time (in milliseconds) the JVM will wait for a debugger connection. If the debugger doesn’t connect within this period, the JVM will continue execution. This can be useful if you only want the JVM to wait for a debugger for a limited time during startup.

2. Establishing the Network Connection

For remote debugging to work, the local debugger (on your machine) needs to connect to the remote application’s debugging port (in this example, port 5005). This requires network connectivity between your development environment and the remote host where the application is running.

Requirements for Network Connection:

  • Open Port: Ensure that the specified debugging port (5005) is open and accessible from your machine. Often, firewalls may block such ports by default, so they may need to be configured to allow this connection.
  • IP/Hostname: You’ll need the IP address or hostname of the remote machine where the application is running.

3. Configuring Your IDE for Remote Debugging

Now, on your local machine, you configure your IDE to connect to the remote application. Each IDE (like IntelliJ IDEA or Eclipse) offers a way to set up a remote debugging configuration.

Steps for setting up a remote debugging session in IntelliJ IDEA:

  1. Open the Run/Debug Configurations:
    In IntelliJ, go to Run > Edit Configurations.
  2. Create a New Remote Configuration:
    Select Remote JVM Debug.
  3. Specify Connection Details:
    Enter the host (IP or hostname) and port (5005) of the remote application.
  4. Start Debugging:
    Click Debug to initiate the connection.

Once connected, the IDE allows you to set breakpoints, inspect variables, step through code, and interact with the application running on the remote machine as if it were running locally.

4. The Debugging Protocol (JDWP)

The connection between your IDE (local debugger) and the remote application is managed through the JDWP. JDWP is part of the JPDA and provides a two-way communication channel between the debugger and the JVM.

How JDWP works:

  • Commands and Events: The debugger sends commands to the JVM (e.g., “pause execution at this breakpoint”), and the JVM responds with data (e.g., “variable X has value Y”) or events (e.g., “application has reached a breakpoint”).
  • Data Exchange: JDWP uses a series of request-response messages to control the execution of the remote application, retrieve data, and perform various debugging tasks. It works over the network via the transport protocol specified (dt_socket in this case).

JDWP acts as the middleman, ensuring that the debugger can fully control and monitor the remote application’s state by coordinating commands and data between the local debugger and the JVM.

5. Debugging Actions and JVM Interaction

Once the connection is established, you can perform typical debugging actions, and here’s how each one works:

  • Setting Breakpoints:
    When you set a breakpoint in your IDE, the debugger communicates this instruction to the JVM via JDWP.
    The JVM then pauses execution whenever it reaches that specific line of code, allowing you to inspect the current program state.
  • Inspecting Variables:
    You can view the values of variables within the scope of the breakpoint or during step-by-step execution.
    The debugger retrieves variable values by sending JDWP commands to the JVM, which responds with the current values in memory.
  • Stepping Through Code:
    When you “step over” or “step into” lines of code, JDWP relays these commands to the JVM.
    The JVM executes the next line or enters the method as instructed, sending back the updated state for each step.
  • Evaluating Expressions:
    You can run custom expressions (like viewing the result of a + b) directly within the debugger.
    The JVM evaluates the expression and sends the result back to your debugger through JDWP.

6. Handling Network and Security Challenges

Remote debugging over a network introduces security and connectivity challenges that local debugging doesn’t face. Here’s how to address common issues:

  • Security Concerns: Debugging opens a port on the remote machine, potentially exposing it to unauthorized access.
  • Secure the Debugging Port: Use firewalls to restrict access or VPNs to create a secure channel between the local and remote machines.
  • SSH Tunneling: For added security, you can set up SSH tunneling to encrypt traffic between your local machine and the remote application.
  • Latency: Since commands and data are transmitted over a network, there can be delays.
    Network latency can impact how responsive the debugging session feels, especially if the remote server is far away or on a congested network.
    Minimize the number of breakpoints and avoid frequent expression evaluations to reduce network load.

7. Ending the Remote Debugging Session

Once you’re done debugging, you can terminate the debugging session. In IntelliJ, for example, you can simply click the “Stop” button to disconnect the debugger from the remote JVM.

On the remote application side, if it was launched with the suspend=y option, it may remain paused until restarted. To avoid this, ensure that you start the application with suspend=n so that it continues running normally after you disconnect.

Summary of the Remote Debugging Workflow:

  1. Configure the Remote Application: Start the JVM with the JDWP agent to enable remote debugging.
  2. Establish Network Connectivity: Ensure the debugging port is accessible, set up security measures if necessary.
  3. Configure the Local Debugger: Set up your IDE with the remote host and port information.
  4. Perform Debugging Actions: Use breakpoints, variable inspections, and code stepping as you would locally.
  5. Terminate the Debugging Session: Disconnect the debugger and allow the remote application to continue if configured.
Remote Debug
Java
Jvm Architecture
Jvm Memory
Debugging

--

--

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams