Process Record and Replay
Process record and replay is a gdb feature first appearing in the gdb 7.0 release (September 2009).
For supported architectures and OS/ABIs, this feature allows the user to record the execution of a program being debugged by gdb, and then "play back" the recorded execution, deterministicly and repeatedly if desired.
Process record and replay also supports gdb's reverse debugging commands, so that during replay it is possible to debug the program backward as well as forward.
GDB Reverse Debug and Process Record Target.pdf is a slide that show the internals of process record.
Process record and replay now has a tutorial.
Contents
Supported Targets
Process record and replay is currently supported for the following gdb targets:
- i386-linux
- amd64-linux
- moxie-elf / moxie-linux
- arm-linux
How it works
Process record and replay works by logging the execution of each machine instruction in the child process (the program being debugged), together with each corresponding change in machine state (the values of memory and registers). By successively "undoing" each change in machine state, in reverse order, it is possible to revert the state of the program to an arbitrary point earlier in the execution. Then, by "redoing" the changes in the original order, the program state can be moved forward again.
User commands
The following gdb commands are defined for process record / replay:
- "target record" (or simply "record", for short)
Start process record/replay (ie. start recording the subsequent execution of the child process). You must start debugging the program (with the "run" command) before using this command to start recording. You can start recording at any point after the child process has been started (eg. at a breakpoint).
- "record stop"
Stop process record/replay (ie. cease recording the program execution), and discard any existing execution log. The child process is not terminated, and you may continue to debug it normally.
- "record delete"
Discard the existing execution log, and begin recording a new log.
- "set record insn-number-max"
Set the maximum number of instruction executions that will be recorded (ie. the size of the process record log buffer). Zero means unlimited. Default is 200,000.
- "set record stop-at-limit"
Controls the behavior when the buffer becomes full. If "on", gdb will stop and ask the user what to do. If "off", the buffer acts as a circular buffer, deleting the oldest records to make room for new ones. Default is "on".
- "info record"
Show various statistics about the state of process record and its in-memory execution log buffer.
Testing
To run the gdb reverse-debugging tests with process record and replay, you need a board description file "precord.exp", which should look like this:
# Testing programs using process record/replay (precord) load_base_board_description "unix" set_board_info gdb,can_reverse 1 set_board_info gdb,use_precord 1
And put "precord.exp" to the "baseboards" directory of dejagnu (/usr/share/dejagnu/baseboards).
Then the "make check" command will look like this:
make check RUNTESTFLAGS="--target_board precord (test file or files)"
For example: make check RUNTESTFLAGS="--target_board=precord break-reverse.exp consecutive-reverse.exp"
At the time of this writing, the reverse debugging tests include:
- break-reverse.exp
- consecutive-reverse.exp
- finish-reverse.exp
- i386-reverse.exp
- i386-sse-reverse.exp
- i387-env-reverse.exp
- i387-stack-reverse.exp
- machinestate.exp
- sigall-reverse.exp
- solib-reverse.exp
- step-reverse.exp
- until-reverse.exp
- watch-reverse.exp
- break-precsave.exp
- consecutive-precsave.exp
- finish-precsave.exp
- i386-precsave.exp
- machinestate-precsave.exp
- sigall-precsave.exp
- solib-precsave.exp
- step-precsave.exp
- until-precsave.exp
- watch-precsave.exp
Patch list
Name |
URL |
Author |
Status |
Comment |
|
||||
Doing |
||||
Check Linux sys_brk release memory in process record and replay |
Hui Zhu |
RFA RFC |
This patch will make linux-record can check if the sys_brk will release the memory or not. If memory will be released, gdb will query to user. |
|
Process record skip |
http://sourceware.org/ml/gdb-patches/2009-08/msg00302.html http://sourceware.org/ml/gdb-patches/2009-08/msg00303.html http://sourceware.org/ml/gdb-patches/2009-08/msg00304.html http://sourceware.org/ml/gdb-patches/2009-08/msg00305.html http://sourceware.org/ml/gdb-patches/2009-08/msg00306.html http://sourceware.org/ml/gdb-patches/2009-08/msg00307.html http://sourceware.org/ml/gdb-patches/2009-08/msg00308.html |
Hui Zhu |
RFA RFC |
It let prec record some functions of inferior as one instruction (record the memory and reg that will be change in this function). |
i386 Rewrite the codes for opcode 0x0f01 and add more instructions support |
Jiang Jilin |
RFC |
Jilin is waiting license paper |
|
i386 Save CS segment register for ljmp instruction |
Jiang Jilin |
RFC |
Need a testsuite |
|
multi-thread support |
http://sourceware.org/ml/gdb-patches/2009-11/msg00541.html http://sourceware.org/ml/gdb-patches/2009-11/msg00542.html http://sourceware.org/ml/gdb-patches/2009-11/msg00543.html http://sourceware.org/ml/gdb-patches/2009-11/msg00544.html http://sourceware.org/ml/gdb-patches/2009-11/msg00545.html |
Hui Zhu |
RFC |
Need a testsuite |
Fix gcore core file load lib error |
Hui Zhu |
Patch need more works |
http://sourceware.org/ml/gdb/2009-10/msg00414.html This is the introduce for this bug, and this bug just reproduce in amd64 ubuntu 9.0.4 and i386 ubuntu 9.0.4 that's gcc is 4.3.3. glibc is 2.9. In amd64 gcc 4.1.2 glibc 2.5 and i386 gcc 4.2.4 glibc 2.7, it cannot be reproduced. |
|
x86 segment register support |
Hui Zhu |
RFA |
Controversial in the interface design |
|
make prec can save the execution log to a pic file |
http://sourceware.org/ml/gdb-patches/2010-06/msg00342.html http://sourceware.org/ml/gdb-patches/2010-07/msg00000.html |
Hui Zhu |
Not sure |
|
record_arch_list_add_mem add check for len |
Hui Zhu |
It for a other feature. But this feature is ... |
|
|
|
||||
Done |
||||
replay bookmarks |
Michael Snyder |
Done |
|
|
Fix hw watchpoints in process record |
Pedro Alves Michael Snyder |
Done |
It need patch after patch replay bookmarks |
|
i386.record.floating.point.patch |
Paawan Oza |
Done |
Testsuites for it is checked in too |
|
prec-fix-error-handler |
Hui Zhu |
Done |
|
|
Prec x86 MMX 3DNow! SSE SSE2 SSE3 SSSE3 SSE4 support |
Hui Zhu |
Done |
|
|
Add optional sequence number to record log filename |
Michael Snyder |
Replace by eval command patch |
|
|
Eval command patch |
Hui Zhu |
Done |
|
|
Add support of software single step to process record |
Hui Zhu |
Done |
It still need test with sbp arch prec code |
|
|
||||
To Do List
See the more extensive WishList here.
- Improve performance (speed and memory usage).
- "Process record skip" patch for this issue.
The idea and demo is in http://sourceware.org/ml/gdb/2010-04/msg00161.html http://sourceware.org/ml/gdb/2010-05/msg00055.html http://sourceware.org/ml/gdb/2010-05/msg00064.html
- "Process record skip" patch for this issue.
- Add support for more processor architectures (mips, arm etc.)
- Add support for more os/abis (currently only linux is supported).
- Improve support for memory free (sys_brk).
- "Check Linux sys_brk release memory in process record and replay" patch for it.
- Improve support for multi-thread and multi-process record/replay.
- "multi-thread support" patch for it.
- Add more test cases to the testsuite.
- Improve documentation. The following is a quote from Eli Zaretskii, the gdb docs maintainer:
What I think is still missing from the manual is a few sentences that would explain when this target is useful. Can you provide such warstories? I will then add them to the manual. No, I mean description of when this target is useful in real life, and how you will use it. In other words, put yourself in a place of someone who reads the manual about the record/replay target and asks him/herself "why should I care about this new feature?" Then try to answer that question. And try to answer it so that the reader will wonder how could she ever get by without this feature before. There is a contribution from Marc Khouzam at http://sourceware.org/ml/gdb-patches/2009-05/msg00058.html.