<div dir="ltr"><div><div><div>Hi Vincent,<br><br></div>Out of interest, did you try your code with an i386 environment? Did that work?<br><br></div>I don't have an x86_64 guest to hand, but your plugin code, copied straight from your gist worked as I'd expect it to for i386:<br>testplugin loading<br>tracking range [40000000, 80000000)<br>loading snapshot<br>... done.<br>opening nondet log for read : /slw/notepad01-rr-nondet.log<br>got a write at 2968c8c<br>got a write at 2968c88<br>got a write at 2968c84<br>got a write at 2968c80<br>got a write at 2968c7c<br>got a write at 2968c6c<br>got a write at 2968c68<br>got a write at 2968c64<br>got a read at 2968c98<br>got a read at 2968c94<br>got a read at 296bc00<br><br></div>Adam<br></div><br><div class="gmail_quote"><div dir="ltr">On Fri, 23 Feb 2018 at 22:43 Vincent Lee <<a href="mailto:vincent_lee@utexas.edu">vincent_lee@utexas.edu</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div><div><div>Hello,<br><br></div>I am trying to setup PANDA for monitoring the physical memory accesses of a x86_64 guest.<br>I've
written a toy test plugin [0], and have also tried running the
stringsearch plugin looking for the hostname of the machine, as well as
generic phrases likely to show up in logs, such as "Arch Linux" or
"memory".<br><br>However, no results are returned from stringsearch, and
my test plugin records no accesses on any part of memory. PANDA is
built from 8730ffb on Ubuntu 16.04 with the install_ubuntu script.<br></div><div><br></div>Have I set up my environment incorrectly, or are memory callbacks not supported on x86_64?<br></div>If they are not supported, is there a similar tool I can use to trace guest physical memory accesses on x86_64?<br><br></div>Thanks in advance,<br></div>Vincent<br><div><div><div><div><br><br>[0] <a href="https://gist.github.com/williewillus/f0c96d8652e0f8b538da0c162c82069c" target="_blank">https://gist.github.com/williewillus/f0c96d8652e0f8b538da0c162c82069c</a></div></div></div></div><br></div>
_______________________________________________<br>
panda-users mailing list<br>
<a href="mailto:panda-users@mit.edu" target="_blank">panda-users@mit.edu</a><br>
<a href="http://mailman.mit.edu/mailman/listinfo/panda-users" rel="noreferrer" target="_blank">http://mailman.mit.edu/mailman/listinfo/panda-users</a><br>
</blockquote></div>