On 07/08/2015 07:14 AM, Piyawath Boukom wrote:
> Dear people on the mailing list,
>
> My name is Piyawath Boukom, I'm a student from Tokyo Tech.
> I hope you can enlighten me about this.
>
> Below are the things I would like to perform.
>
> - I want to identify where the guest kernel lives in QEMU's process on the host
> machine. Is it possible to find the set of logical address space of the guest
> kernel on the host machine? (which part of the memory space is being used by the guest
> kernel)
>
> - If I can specify where QEMU's process lives in the host memory address space,
> then I know where the stack, heap, data, text, etc. of QEMU live. So, can I
> determine where the guest machine's physical memory lives? (in host logical
> address)
>
> - If the above are possible to do, can I write those things into a file? (ex.
> data in the guest machine's memory, binary data, etc.)
>
> *Host and guest are Linux.
The "savevm" monitor command dumps pretty much all the state to a file, although you have to use QCOW2 format disk images.

https://en.wikibooks.org/wiki/QEMU/Monitor#savevm

Once the snapshot/checkpoint has been saved, you can dig into it to get specific memory contents. You'll have to write your own scripts for this as far as I know.

For kernel virtual addresses, check the guest's dmesg. `dmesg | sed -nr '/Virtual kernel memory/,/\[/ p'` does that for me on AArch64.

If there's a particular user space process you're interested in, run `cat /proc/$PID/maps` in the guest immediately before or after saving the checkpoint to get its virtual addresses.

Chris

--
Qualcomm Innovation Center, Inc.
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum, a Linux Foundation Collaborative Project
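The `/proc/$PID/maps` capture mentioned above is only useful once you can turn it into address ranges; the script below is an added example (not from the thread or from QEMU) that parses such a capture and resolves a guest virtual address to its mapping and backing-file offset, which is what you need when digging into the saved snapshot. The maps text it parses is a constructed sample, not a real capture.

```python
#!/usr/bin/env python3
"""Parse `cat /proc/$PID/maps` output captured in the guest and resolve addresses."""
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample of /proc/$PID/maps output (not a real capture).
SAMPLE_MAPS = """\
00400000-00452000 r-xp 00000000 08:01 1311 /usr/bin/cat
00651000-00652000 r--p 00051000 08:01 1311 /usr/bin/cat
00652000-00653000 rw-p 00052000 08:01 1311 /usr/bin/cat
01c6e000-01c8f000 rw-p 00000000 00:00 0 [heap]
7f5a3c000000-7f5a3c1c0000 r-xp 00000000 08:01 4022 /usr/lib/libc.so.6
7ffd2a3e0000-7ffd2a401000 rw-p 00000000 00:00 0 [stack]
"""

@dataclass
class Mapping:
    start: int      # first virtual address of the region
    end: int        # one past the last virtual address
    perms: str      # e.g. "r-xp"
    offset: int     # offset into the backing file
    path: str       # file path, "[heap]"/"[stack]", or "" for anonymous

# addr-addr perms offset dev inode [path]
MAPS_RE = re.compile(
    r'^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+([0-9a-f]+)\s+\S+\s+\d+\s*(.*)$')

def parse_maps(text: str) -> List[Mapping]:
    """Turn maps lines into Mapping records; lines that do not parse are skipped."""
    out = []
    for line in text.splitlines():
        m = MAPS_RE.match(line.strip())
        if m:
            start, end, perms, off, path = m.groups()
            out.append(Mapping(int(start, 16), int(end, 16), perms, int(off, 16), path.strip()))
    return out

def find_mapping(maps: List[Mapping], addr: int) -> Optional[Mapping]:
    """Return the mapping containing addr, or None if it is unmapped."""
    return next((mp for mp in maps if mp.start <= addr < mp.end), None)

def file_offset(mp: Mapping, addr: int) -> Optional[int]:
    """Offset of addr inside the backing file; None for anonymous/pseudo mappings."""
    if not mp.path or mp.path.startswith('['):
        return None
    return mp.offset + (addr - mp.start)

def writable_executable(maps: List[Mapping]) -> List[Mapping]:
    """W+X regions are unusual for a normal process and worth a closer look in the snapshot."""
    return [mp for mp in maps if 'w' in mp.perms and 'x' in mp.perms]
```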