AFAIK, valgrind is not cross-architecture (their dev team is thinking about that but it seems complicated).

Perhaps it is possible to build some similar analysis functionality on top of the new TCG plugins of QEMU? Is it planned?

At first I need some sort of taintgrind plugin. I guess that the process of translation to host code will produce all the side effects of register spilling existing in the guest code. Am I right?

I have just tested the plugins from the head/master branch a bit.
Is there an API to find symbols->value in the guest code/data? Shall I pass the ELF image a second time via the plugin's argv and then "help myself"? What about relocations for user-mode code?

Sorry, I am not sure if plugin development falls into "users" or "devel" activities.

--
Thierry Bernier
