This post has been republished via RSS; it originally appeared at: Channel 9.
In this episode of Defrag Tools, Andrew Richards is joined by JCAB (Juan Carlos Arevalo Baeza) and Jordi Mola from the Windows Debugger team to demonstrate some more advanced usage of a new feature of WinDbg Preview: Time Travel Debugging (TTD).
Related Links:
WinDbg Preview (download from Microsoft Store)
Time Travel Debugging Overview (Online documentation)
Debugging Tools for Windows Blog
Time Travel Debugging FAQ
Timeline:
[00:00] Introductions
[01:07] Seeing a memory corruption crash in the Chakra Core when running a script. Difficult to debug!
[05:33] Now reproduce the same crash while recording a Time Travel Debugging trace
[07:06] Looking at the TTD trace with unoptimized code
[07:55] Use the !events command to list interesting events and exceptions in the trace and jump to them
[11:43] Found the corrupt memory, step backwards to figure out where it came from.
[13:15] Identifying the memory location containing a bad value with dx command, and setting a data breakpoint (with ba) to see who previously wrote to it.
[17:37] Getting closer. Keep following the trail backwards...
[19:29] Found where the bad value came from!
[21:08] Another use case: Find where a value is bad and track it back from there with a binary search (use !tt with a percentage value to jump to locations in the trace)
[22:09] Second demo: Looking at the same crash but with optimized production code.
[25:09] Exceptions will be hit when running the trace either forward or backward.
[26:54] To give feedback on WinDbg Preview, use the Feedback Hub.
