From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:45829)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <cov@codeaurora.org>) id 1ZDG2g-0007OF-5o
	for qemu-devel@nongnu.org; Thu, 09 Jul 2015 13:55:27 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <cov@codeaurora.org>) id 1ZDG2c-0003ZG-RZ
	for qemu-devel@nongnu.org; Thu, 09 Jul 2015 13:55:26 -0400
Received: from smtp.codeaurora.org ([198.145.29.96]:39920)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <cov@codeaurora.org>) id 1ZDG2c-0003Z4-Ly
	for qemu-devel@nongnu.org; Thu, 09 Jul 2015 13:55:22 -0400
Message-ID: <559EB586.8080404@codeaurora.org>
Date: Thu, 09 Jul 2015 13:55:18 -0400
From: Christopher Covington <cov@codeaurora.org>
MIME-Version: 1.0
References: <0B614E46-FA7E-4236-8204-810D37D76A0B@m.titech.ac.jp>
In-Reply-To: <0B614E46-FA7E-4236-8204-810D37D76A0B@m.titech.ac.jp>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] Asking about QEMU's process in memory address
 space of host
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Piyawath Boukom <boukom.p.aa@m.titech.ac.jp>, qemu-devel@nongnu.org

On 07/08/2015 07:14 AM, Piyawath Boukom wrote:
> Dear peoples in mailing-list,
>=20
> My name is Piyawath Boukom, I=E2=80=99m a student from Tokyo Tech.
> I hope you can enlighten me about this.
>=20
> Below are things that those I would like to perform.
>=20
> - I want to identify where guest kernel lives in QEMU=E2=80=99s process=
 on host machine, is it possible to find a set of logical address space o=
f guest kernel on host machine ? (which part of memory space is being use=
d by guest kernel)
>=20
> - If I can specify where QEMU=E2=80=99s process lives in host memory ad=
dress space then I know where stack, heap, data, text, etc. of QEMU live.=
 So, can I determine where guest machine=E2=80=99s physical memory lives =
? (in host logical address)
>=20
> - If above are possible to do, can I write those things into a file ? (=
ex. data in guest machine=E2=80=99s memory, binary data, etc.)
>=20
> *Host and guest are Linux.

The "savevm" monitor command dumps pretty much all the state to a file,
although you have to use QCOW2 format disk images.

https://en.wikibooks.org/wiki/QEMU/Monitor#savevm

Once the snapshot/checkpoint has been saved, you can dig into it to get
specific memory contents. You'll have to write your own scripts for this =
as
far as I know.

For kernel virtual addresses, check the guest's dmesg. `dmesg | sed -nr
'/Virtual kernel memory/,/\[/ p'` does that for me on AArch64.

If there's a particular user space process you're interested in, run `cat
/proc/$PID/maps` in the guest immediately before or after saving the
checkpoint to get its virtual addresses.

Chris

--=20
Qualcomm Innovation Center, Inc.
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum=
,
a Linux Foundation Collaborative Project