|
| From: | Rob Landley |
| Subject: | Re: [Qemu-devel] [RFC] reverse execution. |
| Date: | Sun, 19 May 2013 16:39:57 -0500 |
On 05/19/2013 03:09:14 PM, Mark Burton wrote:
Spot on Peter,The (simplistic) plan is simply to take a snapshot at regular intervals, when you want to step backwards, you return to a snapshot, and then re-runforwards to 'just before you started'.
You'd have to snapshot all of memory because any of it could be used for branching decisions. You'd have to snapshot the state of I/O devices for the same reason. This includes serial ports and keyboards and your hardware random number generator and the timer interrupt and disk interrupts, all of which you have to log and replay the input from, and get the timing exactly right for the interrupts they generate. (It has to happen at the right spot because it's used to update the random number pool, it can affect scheduling decisions...)
Good luck with that.A horrid thing you might do is log the instruction pointer every time it changes into a (giant) ring buffer. Possibly instrument tcg to write up that register every time it has to actually know it (jumps and when interrupts happen). (You don't have to know "advanced to next instruction". You do have to know "advanced to something other than next instruction".) It'll be slow and painful, but might be possible.
Then again to make it work you'd have to log not just where you went but where you came _from_ so you could see that you got there and it's time to jump again (interrupts again, doesn't mean it's a normal departure point, could be a signal). And the problem is do you record the target's idea of "from" or the translated host idea of "from"...
Rob
| [Prev in Thread] | Current Thread | [Next in Thread] |