我有一個.sav要恢復的 VirtualBox 文件。但問題是我只有這個文件(沒有磁碟文件和 RAM 大小等任何其他資訊)。我嘗試複製我的一台虛擬機,製作快照並替換快照(使用正確的檔案名稱)。當恢復狀態時,VirtualBox拋出錯誤
無法載入單位“mm”(VERR_SSM_LOAD_MEMORY_SIZE_MISMATCH)
由於我不知道記憶體大小,因此無法繼續。
谷歌搜尋後,我發現快照檔案包含虛擬機器的所有資訊和配置。有沒有可能的方法從文件中提取資訊.sav以便我可以獲得正確的配置?
答案1
以下內容涉及撰寫本文時 VirtualBox 的最新版本 (4.3)。我不能談論舊版本。
一份SAV文件由units.如果您在十六進位編輯器中開啟SAV文件,您可以透過搜尋以下十六進位字串來瀏覽單位:
0A 55 6E 69 74 0A 00 00
這個詞Unit周圍還有一些其他字符。命中後 0x24 (36) 位元組,您將看到一些 ASCII 字元。例如,第一個可能是:SSM。這是單元的描述符,在本例中是「已儲存的狀態管理器」。
您想要找到mm(記憶體管理器)單元。對我來說,它始終是 SAV 檔案中的第三個單元 - 因此搜尋時的第三個結果:
以十六進位表示:
0A 55 6E 69 74 0A 00 00 52 01 00 00 00 00 00 00 7C 36 11 91 CE B0 E2
CE 02 00 00 00 01 00 00 00 FF FF FF FF 00 00 00 00 03 00 00 00 6D 6D
00 92 10 1E 00 08 00 00 00 00 00 00 00 00 80 00 00 00 00 91 0E 01 00
38 7E D4 06 22 00 00 00 00 00 00 00
如您所見,前 8 個位元組是unit標頭。然後,0x24(36)位元組之後我們看到6D 6D 00哪個是mm\0.跳過三個位元組 ( 92 10 1E),然後您將得到一個 uint16(小端),它是拍攝快照時的系統記憶體量。在我的例子中:00 08= 0x800= 2048= 2GB。
答案2
您可以嘗試執行vboxmanage採用狀態,根據文檔,它將嘗試更改虛擬機器以將當前快照附加到建議的保存狀態。
如果它不起作用,parsiya 寫了一篇關於解析 SAV 狀態的有趣博客,可以在這裡找到:帕西亞博客
根據他的博客,SAVE 狀態描述為SSM.cpp
我找到的新資訊是基於SSMFILEHDRV12(比parsiya更新)的RTGCPHYS的單位是GIM_HV_PAGE_SIZE(4096)。它更像是一個單位,如果我理解正確的話,通常是 08 * 4096 。事實上,還有另一個單元用於進一步完成創建的數據
如果我理解正確的話,SSM.cpp 程式碼的邏輯如開頭所解釋的那樣是執行即時保存狀態。 IE 的總大小未知。所以可能會記錄多個記憶體單元。如果只有一個原始記憶體單位,那麼,是的,您可以推斷虛擬機器的大小。里程有所不同
從文件開頭提取
* The live snapshots feature (LS) is similar to teleportation (TP) and was a
* natural first step when implementing TP. The main differences between LS and
* TP are that after a live snapshot we will have a saved state file, disk image
* snapshots, and the VM will still be running.
* * Compared to normal saved stated and snapshots, the difference is in that the
* VM is running while we do most of the saving. Prior to LS, there was only
* one round of callbacks during saving and the VM was paused during it. With
* LS there are 1 or more passes while the VM is still running and a final one
* after it has been paused. The runtime passes are executed on a dedicated
* thread running at at the same priority as the EMTs so that the saving doesn't
* starve or lose in scheduling questions (note: not implemented yet). The final
* pass is done on EMT(0).
* The saved state units each starts with a variable sized header
* (SSMFILEUNITHDRV2) that contains the name, instance and pass. The data
* follows the header and is encoded as records with a 2-8 byte record header
* indicating the type, flags and size. The first byte in the record header
* indicates the type and flags:
* * - bits 0..3: Record type:
* - type 0: Invalid.
* - type 1: Terminator with CRC-32 and unit size.
* - type 2: Raw data record.
* - type 3: Raw data compressed by LZF. The data is prefixed by a 8-bit
* field containing the length of the uncompressed data given in
* 1KB units.
* - type 4: Zero data. The record header is followed by a 8-bit field
* counting the length of the zero data given in 1KB units.
* - type 5: Named data - length prefixed name followed by the data. This
* type is not implemented yet as we're missing the API part, so
* the type assignment is tentative.
* - types 6 thru 15 are current undefined.
* - bit 4: Important (set), can be skipped (clear).
* - bit 5: Undefined flag, must be zero.
* - bit 6: Undefined flag, must be zero.
* - bit 7: "magic" bit, always set.
/**
* Writes a record header for the specified amount of data.
*
* @returns VBox status code. Sets pSSM->rc on failure.
* @param pSSM The saved state handle
* @param cb The amount of data.
* @param u8TypeAndFlags The record type and flags.
*/
static int ssmR3DataWriteRecHdr(PSSMHANDLE pSSM, size_t cb, uint8_t u8TypeAndFlags)
{
size_t cbHdr;
uint8_t abHdr[8];
abHdr[0] = u8TypeAndFlags;
if (cb < 0x80)
{
cbHdr = 2;
abHdr[1] = (uint8_t)cb;
}
else if (cb < 0x00000800)
{
cbHdr = 3;
abHdr[1] = (uint8_t)(0xc0 | (cb >> 6));
abHdr[2] = (uint8_t)(0x80 | (cb & 0x3f));
}
else if (cb < 0x00010000)
{
cbHdr = 4;
abHdr[1] = (uint8_t)(0xe0 | (cb >> 12));
abHdr[2] = (uint8_t)(0x80 | ((cb >> 6) & 0x3f));
abHdr[3] = (uint8_t)(0x80 | (cb & 0x3f));
}
else if (cb < 0x00200000)
{
cbHdr = 5;
abHdr[1] = (uint8_t)(0xf0 | (cb >> 18));
abHdr[2] = (uint8_t)(0x80 | ((cb >> 12) & 0x3f));
abHdr[3] = (uint8_t)(0x80 | ((cb >> 6) & 0x3f));
abHdr[4] = (uint8_t)(0x80 | (cb & 0x3f));
}
else if (cb < 0x04000000)
{
cbHdr = 6;
abHdr[1] = (uint8_t)(0xf8 | (cb >> 24));
abHdr[2] = (uint8_t)(0x80 | ((cb >> 18) & 0x3f));
abHdr[3] = (uint8_t)(0x80 | ((cb >> 12) & 0x3f));
abHdr[4] = (uint8_t)(0x80 | ((cb >> 6) & 0x3f));
abHdr[5] = (uint8_t)(0x80 | (cb & 0x3f));
}
else if (cb <= 0x7fffffff)
{
cbHdr = 7;
abHdr[1] = (uint8_t)(0xfc | (cb >> 30));
abHdr[2] = (uint8_t)(0x80 | ((cb >> 24) & 0x3f));
abHdr[3] = (uint8_t)(0x80 | ((cb >> 18) & 0x3f));
abHdr[4] = (uint8_t)(0x80 | ((cb >> 12) & 0x3f));
abHdr[5] = (uint8_t)(0x80 | ((cb >> 6) & 0x3f));
abHdr[6] = (uint8_t)(0x80 | (cb & 0x3f));
}
else
AssertLogRelMsgFailedReturn(("cb=%#x\n", cb), pSSM->rc = VERR_SSM_MEM_TOO_BIG);
Log3(("ssmR3DataWriteRecHdr: %08llx|%08llx/%08x: Type=%02x fImportant=%RTbool cbHdr=%u\n",
ssmR3StrmTell(&pSSM->Strm) + cbHdr, pSSM->offUnit + cbHdr, cb, u8TypeAndFlags & SSM_REC_TYPE_MASK, !!(u8TypeAndFlags & SSM_REC_FLAGS_IMPORTANT), cbHdr));
return ssmR3DataWriteRaw(pSSM, &abHdr[0], cbHdr);
}
與 Bridgey 一樣,他也注意到單位以 ascii“Unit”開頭,但最後一個單位以“TheEnd”結束
他根據這裡SSMInternal.h中所描述的UNIT的架構解析了SAV檔案的一些架構:virtualbox開源文件