QEMU is a powerful multi-platform emulation tool, but it lacks debugging and instrumenting capabilities. QEMU includes only GDB server and some execution logging.
Guest code may be instrumented by inserting callbacks and helper instructions into the translated code. In this talk we'll cover the problems that occur when creating the QEMU-based instrumentation tools (instrumenting of the selected processes within VM, analysis with record/replay, intrusive and non-intrusive approaches), and review the existing approaches and insttumentation frameworks (PANDA, DECAF, PinOS, PEMU). We'll also present our efforts in creating instrumentation/introspection plugins for QEMU and adding new debugging stub - WinDbg server.