2024-09-22 –, Hall A+B
QEMU has long had a number of downstream forks that seek to take
advantage of its flexible TCG emulation layer and combine it with
various approaches to instrumentation. The TCG plugin sub-system
introduced 5 years ago was an attempt to provide for the needs of
instrumentation in an upstream compatible way. Recent enhancements
include the ability to read register values and a more efficient way
to implement thread safe counters.
Alex asks have we done enough to enable the more interesting use cases
such as binary analysis and fuzzing?
Is it time to revisit the limitations introduced to avoid GPL end-runs
and allow plugins to affect system state?
Are there any more features tools like AFL+ or ThreadSan need to be
able to introspect and analysis a system running in QEMU.
Long time systems and embedded developer with a side of Dynamic Binary Translation.
Alex started learning to program in the 80s in an era of classic home computers that allowed you to get down and dirty at the system level. After graduating with a degree in Chemistry he's worked on a variety of projects including Fruit Machines, Line Cards, CCTV recorders and point-to-multipoint wireless microwave systems. Since the turn of the century his primary focus has been working with FLOSS platforms, especially Linux. An alumni of Transitive he has a broad experience of cross-platform virtualization as well as a strong background in telecommunications and networking. A keen Emacs user he will happily answer questions and proselytise for the One True Editor (tm).