Re: [Qemu-devel] Re: valgrind functionality in qemu?
From: Johannes Schindelin
Subject: Re: [Qemu-devel] Re: valgrind functionality in qemu?
Date: Mon, 22 Nov 2004 19:50:19 +0100 (CET)
Hi,
On Mon, 22 Nov 2004, Ben Pfaff wrote:
> Johannes Schindelin <address@hidden> writes:
>
> > It would also be difficult to find the reference to the source code,
> > because there is no support for working with the debug information in the
> > code in QEmu that I know of. If you want to debug the Linux kernel, you
> > need to hack the "-kernel" loading code for that.
>
> It's not *that* hard, it just takes writing some code. We did
> this in a simulation paper: "Understanding Data Lifetime via
> Whole System Simulation" available at
> <URL:http://www.stanford.edu/~blp/papers>, although our
> implementation used Bochs instead of qemu because qemu wasn't
> quite ready at the time.
Okay. Unfortunately, you didn't publish the source code for TaintBochs.
So how did you tackle the following problems:
- when deciding what to taint, you want to be as specific as possible. How
did you tell bochs what was tainted, and what not?
- when you tested inside bochs, you didn't have control over loading of
programs. How did bochs know where the code came from?
- even more importantly, when you analyzed where tainting data was
propagated or freed, how did you find out which *source code* was
responsible for that?
I would do the "just write some code" part, but I am still looking for
elegant solutions to those problems.
Ciao,
Dscho
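The three questions above (how to say precisely which bytes are tainted, how the simulator knows which code it is running, and how a propagation or clearing of taint is traced back to a source line) are the core of a whole-system taint tracker. The toy below is an added illustration, not code from this thread, from TaintBochs, or from QEMU: it models a four-register machine with a shadow taint set per register and per memory byte, a `taint_memory()` call that marks exactly the bytes of a secret, and a constructed `LINE_TABLE` standing in for the debug line information (the DWARF line table a patched `-kernel` loader would have to read) so that every propagate or clear event is reported against a `file:line`. The program, the addresses, the labels and the line table are all constructed for the example; note the `xor rX, rX` case, where a naive union rule would wrongly keep the register tainted although the result is a constant.

```python
"""Toy shadow-memory taint tracker for a four-register machine (constructed example).

Every register and memory byte carries a shadow value: the frozenset of taint
labels it currently holds.  The program counter of each instruction is looked
up in a line table (a stand-in for debug info) so that each propagation or
clearing of taint is attributed to a source location.
"""
from dataclasses import dataclass, field

REGS = ("r0", "r1", "r2", "r3")
MEM_SIZE = 64


@dataclass
class Machine:
    regs: dict = field(default_factory=lambda: dict.fromkeys(REGS, 0))
    mem: bytearray = field(default_factory=lambda: bytearray(MEM_SIZE))
    reg_taint: dict = field(default_factory=lambda: dict.fromkeys(REGS, frozenset()))
    mem_taint: list = field(default_factory=lambda: [frozenset()] * MEM_SIZE)
    events: list = field(default_factory=list)  # (kind, location, labels, source)

    def taint_memory(self, addr, length, label):
        """Problem 1: taint exactly the bytes that hold the sensitive value."""
        for a in range(addr, addr + length):
            self.mem_taint[a] = self.mem_taint[a] | {label}

    def _update(self, where, old, new, pc, line_table):
        """Record a taint change and attribute it to a source line (problem 3)."""
        src = line_table.get(pc, "pc=%d" % pc)
        if new - old:
            self.events.append(("propagate", where, set(new), src))
        elif old and not new:
            self.events.append(("clear", where, set(old), src))
        return new

    def step(self, pc, instr, line_table):
        op, a, b = instr
        if op == "mov":        # a <- constant: the result carries no taint
            self.regs[a] = b & 0xFF
            self.reg_taint[a] = self._update(a, self.reg_taint[a], frozenset(), pc, line_table)
        elif op == "load":     # a <- mem[b]: register inherits the byte's taint
            self.regs[a] = self.mem[b]
            self.reg_taint[a] = self._update(a, self.reg_taint[a], self.mem_taint[b], pc, line_table)
        elif op == "store":    # mem[a] <- b: byte inherits the register's taint
            self.mem[a] = self.regs[b] & 0xFF
            self.mem_taint[a] = self._update("mem[0x%02x]" % a, self.mem_taint[a],
                                             self.reg_taint[b], pc, line_table)
        elif op == "add":      # a <- a + b: union of both inputs' taint
            self.regs[a] = (self.regs[a] + self.regs[b]) & 0xFF
            self.reg_taint[a] = self._update(a, self.reg_taint[a],
                                             self.reg_taint[a] | self.reg_taint[b], pc, line_table)
        elif op == "xor":      # a <- a ^ b; xor of a register with itself is a constant zero
            self.regs[a] ^= self.regs[b]
            new = frozenset() if a == b else self.reg_taint[a] | self.reg_taint[b]
            self.reg_taint[a] = self._update(a, self.reg_taint[a], new, pc, line_table)
        else:
            raise ValueError("unknown op %r" % op)


def run_program(machine, program, line_table):
    for pc, instr in program:
        machine.step(pc, instr, line_table)
    return machine


def tainted_addresses(machine):
    """Memory bytes that still carry any taint after the run."""
    return [a for a, t in enumerate(machine.mem_taint) if t]


# Constructed example: a 4-byte secret at 0x10 is partially copied, then scrubbed.
# LINE_TABLE plays the role of debug line info (problem 2: which code is this?).
LINE_TABLE = {0: "auth.c:12", 1: "auth.c:13", 2: "auth.c:14",
              3: "auth.c:20", 4: "auth.c:21", 5: "auth.c:22"}
PROGRAM = [
    (0, ("load", "r0", 0x10)),   # int c = secret[0];
    (1, ("add", "r1", "r0")),    # sum += c;
    (2, ("store", 0x20, "r1")),  # log[0] = sum;   <- secret propagates into the log buffer
    (3, ("xor", "r0", "r0")),    # c = 0;          (compiler idiom: xor r0, r0)
    (4, ("mov", "r1", 0)),       # sum = 0;
    (5, ("store", 0x10, "r1")),  # secret[0] = 0;  <- only the first byte is scrubbed
]


def demo():
    m = Machine()
    m.mem[0x10:0x14] = b"pass"            # constructed secret
    m.taint_memory(0x10, 4, "password")   # problem 1: taint only those 4 bytes
    return run_program(m, PROGRAM, LINE_TABLE)


if __name__ == "__main__":
    m = demo()
    for kind, where, labels, src in m.events:
        print("%-9s %-10s %-10s at %s" % (kind, where, ",".join(sorted(labels)), src))
    print("still tainted:", ["0x%02x" % a for a in tainted_addresses(m)])
```

Running it reports three propagate events (r0, r1, then mem[0x20] at auth.c:14) and three clear events, and shows that bytes 0x11 to 0x13 of the secret and the copy at 0x20 are still tainted when the program ends. That is exactly the kind of report the thread is asking for: which source line spread the data, which line freed it, and what is left over.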