Event Log

The event log stores information about each non-deterministic event that affects the execution of the debuggee.

UndoDB’s snapshot-and-replay technique means relatively little event log is required, but non-deterministic events must still be stored in the log. The following are sources of non-determinism which must be captured by an event stored in the event log:

  1. All system calls
  2. Reads from shared memory or device maps
  3. Asynchronous signals
  4. Thread switches and thread interactions
  5. Non-deterministic machine instructions

Configuring event log size

Memory is allocated dynamically for the event log as required, but it is possible to limit how big the event log will grow to using the uset max-event-log-size command:

(udb) uset max-event-log-size <size>[G|M|K]


It’s recommended to set <size> to a value that is less than the amount of available system memory, otherwise UndoDB may exceed the available system memory and be killed by the Linux “Out Of Memory Killer”.

You can also use the --undodb-event-log-max command line option:

$ udb --undodb-event-log-max <size>[G|M|K] <args>

Finally you can view the current max event log size using the ushow max-event-log-size command:

(udb) ushow max-event-log-size
udb: maximum event log size is 268435456 bytes (256.00M)

Using a circular event log

By default UndoDB stores all events recorded as the debuggee executes, so that it is possible to go back to the beginning of the program (or at the point that recording was enabled after deferred recording).

However in some cases the event log can consume an excessive amount of space due to a large number of non-deterministic events, causing errors such as:

udb: error: UndoDB's event log is full, so no more history can be recorded.
udb: You may still use undodb commands to go backwards, or alternatively:
     Use "uset max-event-log-size <size>[K|M|G]" to increase the
     event log size, or use "uset event-log-mode circular" to use a
     circular event log.  The current event log size is 33554432 bytes

In many cases it’s sufficient to use the uset max-event-log-size command to increase the size of the event log (as shown above). However if this is not possible or desirable then an alternative is to use a circular event log.

A circular event log discards events from the beginning of the event log in order to make space for new events. This means that the debuggee can continue to run without allocating extra space for the event log.


Since a circular event log discards events from the beginning of the log, it may not be possible to go back to the beginning of the recorded history of the debuggee if the debuggee has been running for a long time.

You can enable a circular event log with the uset event-log-mode command:

(udb) uset event-log-mode circular

At any point the default (‘straight’) circular log can be restored with the same command:

(udb) uset event-log-mode straight

You can also set the event log mode when starting UndoDB with the --undodb-event-log-mode command line option:

$ udb --undodb-event-log-mode circular