My replay failed

There could be multiple reasons:

  • You are outside of the perimeter of what can be recorded (see below)
  • You have hit a bug. In that case, please contact support.

Depending on which resource failed to replay, you may still be able to work on your trace. The only mandatory resource is the Trace.

If the Trace resource fails, you can also try to limit the number of instructions to stop the replay before it fails.

What cannot be recorded

In practice, the record / replay stack that REVEN uses has some technical limitations, detailed below. If you try to record one of those situations, you are outside the supported perimeter.

NOTE: you are very unlikely to hit one of these situations if you record a scenario after the VM has reached its login screen.

  • REVEN does not handle scenarios where the CPU is not at least in protected mode with virtual memory configured. This prevents recording BIOS execution, or anything in real mode during the boot.
  • Certain changes to the CPU or MMU configuration, such as those happening during the boot of the OS, cause the replay operation to fail. As a result, you cannot record the entire boot process, such as from the kernel entry point to the login screen in Windows. You can still record parts of it, as long as you don't reach code that performs one of those unhandled significant configuration changes.