[Qemu-discuss] Understanding the contents of virsh-dump --memory-only fo

qemu-discuss

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-discuss] Understanding the contents of virsh-dump --memory-only fo

From:	Arnabjyoti Kalita
Subject:	[Qemu-discuss] Understanding the contents of virsh-dump --memory-only for a QEMU machine
Date:	Wed, 2 Aug 2017 17:14:23 -0400

Hello,

<Please disregard the earlier email by me. I forgot to add the subject. So
reposting this email!!>

I was trying to understand the ELF file generated by the virsh dump
(--memory-only) command. I have successfully generated a dump of the QEMU
VM memory using this command.

I specifically am trying to understand the loadable segments of this ELF
file.

I ran readelf -a <filename> to get the information that I need. Below shows
the details of the loadable segments (PT_LOAD) in a much better format :-

(I am basically trying to make sense of the memory dump of the QEMU machine
here)

Loading ELF header #1. offset: 1320 filesize: 655360 memsize: 655360 vaddr:
0 paddr: 0 align: 0 flags: 0
Loading ELF header #2. offset: 656680 filesize: 65536 memsize: 65536 vaddr:
0 paddr: a0000 align: 0 flags: 0
Loading ELF header #3. offset: 722216 filesize: 1072955392 memsize:
1072955392 vaddr: 0 paddr: c0000 align: 0 flags: 0
Loading ELF header #4. offset: 1073677608 filesize: 67108864 memsize:
67108864 vaddr: 0 paddr: f4000000 align: 0 flags: 0
Loading ELF header #5. offset: 1140786472 filesize: 67108864 memsize:
67108864 vaddr: 0 paddr: f8000000 align: 0 flags: 0
Loading ELF header #6. offset: 1207895336 filesize: 8192 memsize: 8192
vaddr: 0 paddr: fc054000 align: 0 flags: 0
Loading ELF header #7. offset: 1207903528 filesize: 262144 memsize: 262144
vaddr: 0 paddr: fffc0000 align: 0 flags: 0

I wanted to know why in this case, is the virtual address (denoted by
vaddr) 0 for each of the loadable segments ? Will it be okay if I load the
elf file taking the values of physical address (denoted by paddr) into
account ?

Specifically after loading the file, can I be certain that all of my
contents will have been loaded into memory address starting from 0 ?

I am trying to understand the contents of the QEMU memory - so I am loading
this ELF into my host machine and possibly read from there. Can I read from
it once it gets loaded ?



Thanks and Regards.
Arnab

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-discuss] Understanding the contents of virsh-dump --memory-only for a QEMU machine, Arnabjyoti Kalita <=

Prev by Date: [Qemu-discuss] (no subject)
Next by Date: [Qemu-discuss] ESXi prebuilt image
Previous by thread: [Qemu-discuss] (no subject)
Next by thread: [Qemu-discuss] ESXi prebuilt image
Index(es):
- Date
- Thread