- Bug detection
- HyperFuzzer: An Efficient Hybrid Fuzzer for Virtual CPUs (CCS'21)
- Scavenger: Misuse Error Handling leading to QEMU/KVM Escape (Black Hat Asia'21)
- Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types (Security'21)
- Agamotto: Accelerating Kernel Driver Fuzzing with Lightweight Virtual Machine Checkpoints (Security'20)
- Debugging
- Provenance
- QEMU Design & Extended
- A KVM-Based Logging and Replay System for Debugging Non-Deterministic Executions (CCV'10)
- Dynamically Translating x86 to LLVM using QEMU (Technical Report 2010)
- QEMU, a Fast and Portable Dynamic Translator (ATC'05)
- Deduplication
- Benchmarking
- Containers
- QEMU paper
- On the interfacing between QEMU and SystemC for virtual platform construction: Using DMA as a case
- TQSIM: A fast cycle-approximate processor simulator based on QEMU
- A QEMU and SystemC-Based Cycle-Accurate ISS for Performance Estimation on SoC Development
- A Fault Injection System Based on QEMU Simulator and Designed for BIT Software Testing
- QEMU, a Fast and Portable Dynamic Translator (ATC'05)
- Configurable system call tracer in QEMU emulator
- Book chapter
- Presentation
- Security in QEMU: How Virtual Machines provide Isolation - Stefan Hajnoczi
- Tracing in the QEMU emulator user case study - Stefan Hajnoczi
- QEMU: Architecture and Internals Lecture for the Embedded Systems Course - Manolis Marazakis
- QEMU Code Overview - Stefan Hajnoczi
- QEMU - Jussi Knuuttila
- VIRTIO 1.0
- QEMU disk I/O injection framework: blkdebug: example
- Using NVDIMM under KVM: video
- Applying Polling Techniques to QEMU: video
- Security in QEMU: How Virtual Machines provide Isolation
- Bring SCSI support into QEMU block layer
- QEMU snapshots are slow. Really?
- Virtual Device Fuzzing in QEMU
- Virtio-(balloon|pmem|mem): Managing Guest Memory