Florent Revest
I work on Linux kernel security at Google Zürich (Switzerland). My day-to-day focus is on fuzzing and hardening, but I am more broadly interested in squashing kernel bugs, and I especially love tools that can help me with that.
Session
QEMU offers full-system deterministic "record and replay". Combined with its "rr"-style gdb stub, this makes it possible to "time travel" to an arbitrary instruction in a recording and to inspect the complete state of the emulated system at that point.
Staying on top of a full-system time-travel debugging session can be tedious because recordings are often complex (spanning kernel space, user space, and many threads).
DejaView provides a set of QEMU plugins that generate high-level "bird's-eye view" traces from a QEMU deterministic system recording. Using Virtual Machine Introspection techniques, DejaView can be made operating-system aware, so it understands concepts such as the name and pid of the currently running thread.
Additionally, DejaView comes with a fork of Perfetto that turns the trace visualization into a QEMU and gdb controller. This allows for iterative trace building (starting with a thread trace, then adding a function call graph for a specific time slice, then an instruction trace for a specific function call, and so on) and iterative debugging (argument and memory introspection, stable pointers, etc.).
Finally, taking advantage of Perfetto's web-based UI, DejaView also provides a VSCode plugin that integrates trace recording and visualization into a broader IDE setup (with symbol lookup, easy recording, etc.).
We'll demonstrate the use of DejaView in the context of debugging Linux kernel crashes triggered by bug reproducers automatically extracted by syzkaller fuzzing, while emphasizing the broader usefulness of the approach.