[Qemu-devel] Byte ordering of VM Generation ID in Windows VMs

From: Richard W.M. Jones
Subject: [Qemu-devel] Byte ordering of VM Generation ID in Windows VMs
Date: Thu, 5 Jul 2018 13:39:29 +0100
I was doing a bit of investigation around how different hypervisors
handle the VM Generation ID feature.  QEMU's behaviour seems quite
strange, I wonder if this is a bug or expected?

(1) I booted a Windows 2016 VM with:

  qemu-system-x86_64 -M pc,accel=kvm -m 2G -hda w2k16-mincore.img \
      -device vmgenid,guid=01020304-0506-0708-090a-0b0c0d0e0f00,id=vmgenid0

(2) Inside the guest I used the VMGENID.EXE program from:


Note this is self-compiled using mingw64-g++ (not using Visual Studio
which I don't have available), but I don't believe that could have
caused the problem.

(3) The program prints:

  VmCounterValue: 708050601020304:f0e0d0c0b0a09

To make it easier to see, this is the same number but zero-extended:

  VmCounterValue: 07 08 05 06 01 02 03 04 : 00 0f 0e 0d 0c 0b 0a 09
                  \________ LOW ________/   \_______ HIGH _______/
                            WORD                     WORD

As you can see it looks like there is no clear relationship between
the order of the bytes in the guid= parameter and the order that they
are seen by Windows.

BTW if you want to try to reproduce this you will need to use
Windows 2012 R2 or above.


