[webkit-dev] Deep copy of the page with its JS context

Karen Shaeffer shaeffer at neuralscape.com
Wed Dec 19 14:31:16 PST 2012

On Wed, Dec 12, 2012 at 12:21:54PM -0800, Benjamin Poulain wrote:
> On Wed, Dec 12, 2012 at 11:03 AM, Николай Матюнин <matyunin.n at gmail.com> wrote:
> My answer:
> If you are using Linux and don't care too much about efficiency, it may be
> easier to patch the kernel to snapshot the process state and memory, and
> restore it when needed.
> In any case, what you describe is fragile for any page with external side
> effects (system services, Web storage, cookies, etc.).
> Benjamin

Patching the kernel won't provide too much help. The kernel knows nothing
about what type of object resides at an address. You'll have all the data with
no way to make sense of any of it. Therefore you'll need an emulator to solve
the problem you describe. This is true whether you snapshot the process image
with the kernel or not. With a little thought, I believe you'll conclude the
most efficient path forward is to write an emulator that accepts live data and
slows the flow down to support your run-time emulation / analysis.

This is not a trivial endeavor, so you likely need to add constraints on what
resources your emulator can support, given your resource and time constraints.
As a point of reference, I once wrote a JVM emulator that was the core of a
Java Bytecode sequence generator used for testing java acceleration hardware.
This is relatively easy, because the JVM is a highly constrained and fully
documented runtime. My JVM emulator consisted of about 65,000 lines of C code,
sans comments.

The emulator you need to write is not highly constrained but fragile due to
all the external resources that could be involved. My advice is to invest
your energy in fully understanding the scope of what you need or intend to
emulate, before committing to deliverables.

Karen Shaeffer
Neuralscape, Mountain View, CA 94040