In this episode of Defrag Tools, Andrew Richards is joined by JCAB (Juan Carlos Arevalo Baeza) and Jordi Mola from the Windows Debugger team to demonstrate some more advanced usage of a new feature of WinDbg Preview: Time Travel Debugging (TTD).
[01:07] Seeing a memory corruption crash in the Chakra Core when running a script. Difficult to debug!
[05:33] Now reproduce the same crash while recording a Time Travel Debugging trace
[07:06] Looking at the TTD trace with unoptimized code
[07:55] Use the !events command to list interesting events and exceptions in the trace and jump to them
[11:43] Found the corrupt memory, step backwards to figure out where it came from.
[13:15] Identifying the memory location containing a bad value with dx command, and setting a data breakpoint (with ba) to see who previously wrote to it.
[17:37] Getting closer. Keep following the trail backwards...
[19:29] Found where the bad value came from!
[21:08] Another use case: Find where a value is bad and track it back from there with a binary search (use !tt with a percentage value to jump to locations in the trace)
[22:09] Second demo: Looking at the same crash but with optimized production code.
[25:09] Exceptions will be hit when running the trace either forward or backward.
[26:54] To give feedback on WinDbg Preview, use the Feedback Hub.