Re: [Qemu-devel] windows crash dump header. was: Re: [Question] dump mem

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] windows crash dump header. was: Re: [Question] dump mem

From:	Paolo Bonzini
Subject:	Re: [Qemu-devel] windows crash dump header. was: Re: [Question] dump memory when host pci device is used by guest
Date:	Mon, 10 Oct 2011 14:38:35 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:6.0.2) Gecko/20110906 Thunderbird/6.0.2

On 10/10/2011 02:00 PM, Alon Levy wrote:

>  Note that the guest can generate the buffer before it crashes.
>

Thanks. The contents seem to be undocumented (stubbed in reactos).


Those lazy reactos authors. :)

32-bit:

http://www.google.com/codesearch#s5CWGGZtI6g/trunk/Volatility/vtypes.py&q=MajorVersion&exact_package=http://volatility.googlecode.com/svn&ct=rc&cd=1

64-bit:

https://singularity.svn.codeplex.com/svn/base/Windows/Inc/Dump.h

Looks like most of the fields can be made up at crash time, with someluck the others are not needed for a basic debugging session.


Paolo

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [Question] dump memory when host pci device is used by guest, (continued)

Prev by Date: Re: [Qemu-devel] [PATCH] rsqrte_f32: No need to copy sign bit.
Next by Date: [Qemu-devel] [PATCH] target-arm: Fix use of free() in cpu_arm_close()
Previous by thread: [Qemu-devel] windows crash dump header. was: Re: [Question] dump memory when host pci device is used by guest
Next by thread: Re: [Qemu-devel] windows crash dump header. was: Re: [Question] dump memory when host pci device is used by guest
Index(es):
- Date
- Thread