[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-discuss] using qemu to sandbox/trace a process and its childre

From: Angus Gardner
Subject: Re: [Qemu-discuss] using qemu to sandbox/trace a process and its children on linux
Date: Tue, 2 Oct 2012 23:22:08 +0000

Hi Peter,


Qemu is great for this kind of thing.  When you are running a VM in qemu you can access the ‘qemu monitor’ and perform lots of functions including VM snapshots, screenshots  of the console, ejecting cd’s etc. 


In relation to your question you can also use the monitor to dump VM memory, dump CPU registers, or connect the VM to an external instance of GDB on the host machine.





This is kernel level debugging, not application level.  As such it will not be exactly what strace would produce.


I have found it easier to wrap a VM in Python to automate the monitor commands and some of the debugging.






From: qemu-discuss-bounces+address@hidden [mailto:qemu-discuss-bounces+address@hidden On Behalf Of Peter Privus
Sent: Tuesday, October 02, 2012 9:29 PM
To: address@hidden
Subject: [Qemu-discuss] using qemu to sandbox/trace a process and its children on linux




I'm wondering if it is possible to use qemu to sandbox a program (on linux) such that it becomes possible to trace all system calls made by that program and its children.

(The program does not need to be a running process yet).


Until now, I've been using "strace" utility for that purpose, but it turns out that strace cannot be invoked recursively (you cannot invoke strace on a process that invokes strace itself; this is different from using the "-f" flag to strace).

So any tools I make that depend on strace essentially become "bad citizens" because they cannot be straced themselves, and I want to avoid that.






reply via email to

[Prev in Thread] Current Thread [Next in Thread]