projects / qemu.git / blame
| Commit | Line | Data |
|---|---|---|
| 2da91b54 VP |
1 | /* |
| 2 | * Windows crashdump | |
| 3 | * | |
| 4 | * Copyright (c) 2018 Virtuozzo International GmbH | |
| 5 | * | |
| 6 | * This work is licensed under the terms of the GNU GPL, version 2 or later. | |
| 7 | * See the COPYING file in the top-level directory. | |
| 8 | * | |
| 9 | */ | |
| 10 | ||
| 11 | typedef struct WinDumpPhyMemRun64 { | |
| 12 | uint64_t BasePage; | |
| 13 | uint64_t PageCount; | |
| 14 | } QEMU_PACKED WinDumpPhyMemRun64; | |
| 15 | ||
| 16 | typedef struct WinDumpPhyMemDesc64 { | |
| 17 | uint32_t NumberOfRuns; | |
| 18 | uint32_t unused; | |
| 19 | uint64_t NumberOfPages; | |
| 20 | WinDumpPhyMemRun64 Run[43]; | |
| 21 | } QEMU_PACKED WinDumpPhyMemDesc64; | |
| 22 | ||
| 23 | typedef struct WinDumpExceptionRecord { | |
| 24 | uint32_t ExceptionCode; | |
| 25 | uint32_t ExceptionFlags; | |
| 26 | uint64_t ExceptionRecord; | |
| 27 | uint64_t ExceptionAddress; | |
| 28 | uint32_t NumberParameters; | |
| 29 | uint32_t unused; | |
| 30 | uint64_t ExceptionInformation[15]; | |
| 31 | } QEMU_PACKED WinDumpExceptionRecord; | |
| 32 | ||
| 33 | typedef struct WinDumpHeader64 { | |
| 34 | char Signature[4]; | |
| 35 | char ValidDump[4]; | |
| 36 | uint32_t MajorVersion; | |
| 37 | uint32_t MinorVersion; | |
| 38 | uint64_t DirectoryTableBase; | |
| 39 | uint64_t PfnDatabase; | |
| 40 | uint64_t PsLoadedModuleList; | |
| 41 | uint64_t PsActiveProcessHead; | |
| 42 | uint32_t MachineImageType; | |
| 43 | uint32_t NumberProcessors; | |
| 44 | union { | |
| 45 | struct { | |
| 46 | uint32_t BugcheckCode; | |
| 47 | uint32_t unused0; | |
| 48 | uint64_t BugcheckParameter1; | |
| 49 | uint64_t BugcheckParameter2; | |
| 50 | uint64_t BugcheckParameter3; | |
| 51 | uint64_t BugcheckParameter4; | |
| 52 | }; | |
| 53 | uint8_t BugcheckData[40]; | |
| 54 | }; | |
| 55 | uint8_t VersionUser[32]; | |
| 56 | uint64_t KdDebuggerDataBlock; | |
| 57 | union { | |
| 58 | WinDumpPhyMemDesc64 PhysicalMemoryBlock; | |
| 59 | uint8_t PhysicalMemoryBlockBuffer[704]; | |
| 60 | }; | |
| 61 | union { | |
| 62 | uint8_t ContextBuffer[3000]; | |
| 63 | }; | |
| 64 | WinDumpExceptionRecord Exception; | |
| 65 | uint32_t DumpType; | |
| 66 | uint32_t unused1; | |
| 67 | uint64_t RequiredDumpSpace; | |
| 68 | uint64_t SystemTime; | |
| 69 | char Comment[128]; | |
| 70 | uint64_t SystemUpTime; | |
| 71 | uint32_t MiniDumpFields; | |
| 72 | uint32_t SecondaryDataState; | |
| 73 | uint32_t ProductType; | |
| 74 | uint32_t SuiteMask; | |
| 75 | uint32_t WriterStatus; | |
| 76 | uint8_t unused2; | |
| 77 | uint8_t KdSecondaryVersion; | |
| 78 | uint8_t reserved[4018]; | |
| 79 | } QEMU_PACKED WinDumpHeader64; | |
| 80 | ||
| 81 | void create_win_dump(DumpState *s, Error **errp); | |
| 82 | ||
| 2ad9b50f VP |
83 | #define KDBG_OWNER_TAG_OFFSET64 0x10 |
| 84 | #define KDBG_MM_PFN_DATABASE_OFFSET64 0xC0 | |
| 85 | #define KDBG_KI_BUGCHECK_DATA_OFFSET64 0x88 | |
| 86 | #define KDBG_KI_PROCESSOR_BLOCK_OFFSET64 0x218 | |
| 87 | #define KDBG_OFFSET_PRCB_CONTEXT_OFFSET64 0x338 | |
| 2da91b54 VP |
88 | |
| 89 | #define VMCOREINFO_ELF_NOTE_HDR_SIZE 24 | |
| 2ad9b50f VP |
90 | |
| 91 | #define WIN_CTX_X64 0x00100000L | |
| 92 | ||
| 93 | #define WIN_CTX_CTL 0x00000001L | |
| 94 | #define WIN_CTX_INT 0x00000002L | |
| 95 | #define WIN_CTX_SEG 0x00000004L | |
| 96 | #define WIN_CTX_FP 0x00000008L | |
| 97 | #define WIN_CTX_DBG 0x00000010L | |
| 98 | ||
| 99 | #define WIN_CTX_FULL (WIN_CTX_X64 | WIN_CTX_CTL | WIN_CTX_INT | WIN_CTX_FP) | |
| 100 | #define WIN_CTX_ALL (WIN_CTX_FULL | WIN_CTX_SEG | WIN_CTX_DBG) | |
| 101 | ||
| 102 | #define LIVE_SYSTEM_DUMP 0x00000161 | |
| 103 | ||
| 104 | typedef struct WinM128A { | |
| 105 | uint64_t low; | |
| 106 | int64_t high; | |
| 107 | } QEMU_ALIGNED(16) WinM128A; | |
| 108 | ||
| 109 | typedef struct WinContext { | |
| 110 | uint64_t PHome[6]; | |
| 111 | ||
| 112 | uint32_t ContextFlags; | |
| 113 | uint32_t MxCsr; | |
| 114 | ||
| 115 | uint16_t SegCs; | |
| 116 | uint16_t SegDs; | |
| 117 | uint16_t SegEs; | |
| 118 | uint16_t SegFs; | |
| 119 | uint16_t SegGs; | |
| 120 | uint16_t SegSs; | |
| 121 | uint32_t EFlags; | |
| 122 | ||
| 123 | uint64_t Dr0; | |
| 124 | uint64_t Dr1; | |
| 125 | uint64_t Dr2; | |
| 126 | uint64_t Dr3; | |
| 127 | uint64_t Dr6; | |
| 128 | uint64_t Dr7; | |
| 129 | ||
| 130 | uint64_t Rax; | |
| 131 | uint64_t Rcx; | |
| 132 | uint64_t Rdx; | |
| 133 | uint64_t Rbx; | |
| 134 | uint64_t Rsp; | |
| 135 | uint64_t Rbp; | |
| 136 | uint64_t Rsi; | |
| 137 | uint64_t Rdi; | |
| 138 | uint64_t R8; | |
| 139 | uint64_t R9; | |
| 140 | uint64_t R10; | |
| 141 | uint64_t R11; | |
| 142 | uint64_t R12; | |
| 143 | uint64_t R13; | |
| 144 | uint64_t R14; | |
| 145 | uint64_t R15; | |
| 146 | ||
| 147 | uint64_t Rip; | |
| 148 | ||
| 149 | struct { | |
| 150 | uint16_t ControlWord; | |
| 151 | uint16_t StatusWord; | |
| 152 | uint8_t TagWord; | |
| 153 | uint8_t Reserved1; | |
| 154 | uint16_t ErrorOpcode; | |
| 155 | uint32_t ErrorOffset; | |
| 156 | uint16_t ErrorSelector; | |
| 157 | uint16_t Reserved2; | |
| 158 | uint32_t DataOffset; | |
| 159 | uint16_t DataSelector; | |
| 160 | uint16_t Reserved3; | |
| 161 | uint32_t MxCsr; | |
| 162 | uint32_t MxCsr_Mask; | |
| 163 | WinM128A FloatRegisters[8]; | |
| 164 | WinM128A XmmRegisters[16]; | |
| 165 | uint8_t Reserved4[96]; | |
| 166 | } FltSave; | |
| 167 | ||
| 168 | WinM128A VectorRegister[26]; | |
| 169 | uint64_t VectorControl; | |
| 170 | ||
| 171 | uint64_t DebugControl; | |
| 172 | uint64_t LastBranchToRip; | |
| 173 | uint64_t LastBranchFromRip; | |
| 174 | uint64_t LastExceptionToRip; | |
| 175 | uint64_t LastExceptionFromRip; | |
| 176 | } QEMU_ALIGNED(16) WinContext; |