[Qemu-discuss] How to obtain the list of all Memory Addresses accessed given the disassembled instruction trace and a memory snapshot of QEMU available ?
Tue, 18 Jul 2017 20:09:01 -0400
I collected a disassembled trace of all instructions of an application
that executed in a guest Virtual Machine running on QEMU. I have also
obtained the memory snapshot of QEMU, just before I executed my program,
so as per my understanding the memory snapshot should contain all
changes that occurred in the memory after the program executed.

I am currently only interested in obtaining addresses of LOAD
instructions from the disassembled trace. Most of the disassembled
"LOAD" instructions are of the form:

mov rax, qword ptr [rdx+rdi*8]

So what we can see is that the "LOAD" addresses are encapsulated as
arithmetic combinations of the values of x86_64 registers. I wanted to
obtain the exact addresses of these "LOAD" instructions, with the help
of the memory snapshot that I have.

Is there any mechanism in QEMU that will help me in giving the addresses
of these instructions, without performing any deterministic
record/replay (as I already have the list of all instructions along with
the memory snapshot)?
Thanks and Regards,
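As an added illustration (not code from the thread or from QEMU), the following script shows how the effective address of an Intel-syntax memory operand such as `[rdx+rdi*8]` is computed from register values, and how that address is then looked up in a memory snapshot. It assumes that the register state at each traced instruction is available alongside the disassembly; `SAMPLE_TRACE`, `SNAPSHOT`, `SNAPSHOT_BASE` and the helper names are all constructed for this example.

```python
import re
import struct

# Constructed sample trace: each entry pairs the disassembled instruction with
# the (assumed) register values in effect when it executed.
SAMPLE_TRACE = [
    ("mov rax, qword ptr [rdx+rdi*8]", {"rdx": 0x7F0000001000, "rdi": 3}),
    ("mov rcx, qword ptr [rbp-0x20]",  {"rbp": 0x7F0000001040}),
    ("mov qword ptr [rsp+0x8], rbx",   {"rsp": 0x7F0000001100, "rbx": 1}),  # store
    ("lea rax, [rdx+rdi*8]",           {"rdx": 0x7F0000001000, "rdi": 3}),  # no access
    ("add rax, rbx",                   {"rax": 5, "rbx": 1}),                # register only
]

MASK64 = (1 << 64) - 1
BRACKET_RE = re.compile(r"\[([^\]]+)\]")
NUMBER_RE = re.compile(r"0x[0-9a-fA-F]+|\d+")


def _num(text):
    """Parse a decimal or 0x-prefixed hexadecimal literal."""
    return int(text, 16) if text.lower().startswith("0x") else int(text, 10)


def parse_memory_operand(text):
    """Return (base, index, scale, disp) for an Intel-syntax [base+index*scale+disp] operand.

    Any of the four parts may be absent; "scale*index" order is also accepted.
    """
    m = BRACKET_RE.search(text)
    if m is None:
        raise ValueError(f"no memory operand in {text!r}")
    base = index = None
    scale, disp = 1, 0
    # Split the bracket body into signed terms: "rdx+rdi*8-4" -> ["rdx", "+rdi*8", "-4"]
    for term in re.findall(r"[+-]?[^+-]+", m.group(1).replace(" ", "")):
        sign = -1 if term.startswith("-") else 1
        term = term.lstrip("+-")
        if "*" in term:
            left, right = term.split("*", 1)
            if NUMBER_RE.fullmatch(right):
                index, scale = left, _num(right)
            else:
                index, scale = right, _num(left)
        elif NUMBER_RE.fullmatch(term):
            disp += sign * _num(term)
        elif base is None:
            base = term
        else:
            index, scale = term, 1
    return base, index, scale, disp


def effective_address(text, regs):
    """Compute base + index*scale + disp from the supplied register values, wrapped to 64 bits."""
    base, index, scale, disp = parse_memory_operand(text)
    addr = disp
    if base is not None:
        addr += regs[base]
    if index is not None:
        addr += regs[index] * scale
    return addr & MASK64


def is_load(disasm):
    """True for two-operand Intel-syntax instructions whose source operand is in memory.

    lea is excluded because it only computes the address and does not read memory.
    """
    mnemonic, _, operands = disasm.partition(" ")
    if mnemonic == "lea":
        return False
    parts = [p.strip() for p in operands.split(",")]
    return len(parts) == 2 and "[" in parts[1] and "[" not in parts[0]


def load_addresses(trace):
    """Return [(disasm, address)] for every load in the trace."""
    return [(d, effective_address(d, regs)) for d, regs in trace if is_load(d)]


# Constructed snapshot: 0x100 bytes of guest memory starting at SNAPSHOT_BASE.
SNAPSHOT_BASE = 0x7F0000001000
SNAPSHOT = bytearray(0x100)
struct.pack_into("<Q", SNAPSHOT, 0x18, 0xDEADBEEF)
struct.pack_into("<Q", SNAPSHOT, 0x20, 0xCAFEBABE)


def read_qword(snapshot, snapshot_base, addr):
    """Read the little-endian 8-byte value stored at guest address addr in the snapshot."""
    off = addr - snapshot_base
    if not 0 <= off <= len(snapshot) - 8:
        raise IndexError(f"address {addr:#x} is outside the snapshot")
    return struct.unpack_from("<Q", snapshot, off)[0]


if __name__ == "__main__":
    for disasm, addr in load_addresses(SAMPLE_TRACE):
        value = read_qword(SNAPSHOT, SNAPSHOT_BASE, addr)
        print(f"{disasm:<34} -> {addr:#x} = {value:#x}")
```

The address arithmetic itself is straightforward; the practical difficulty is obtaining the register values at each instruction, which a plain memory snapshot taken at one point in time does not record, and which also differ between the final snapshot and the moment the load actually executed.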