[Qemu-devel] [PATCH 0/5] contrib: add elf2dmp tool

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH 0/5] contrib: add elf2dmp tool

From:	Viktor Prutyanov
Subject:	[Qemu-devel] [PATCH 0/5] contrib: add elf2dmp tool
Date:	Wed, 29 Aug 2018 15:41:23 +0300

elf2dmp is a converter from ELF dump (produced by 'dump-guest-memory') to
Windows MEMORY.DMP format (also know as 'Complete Memory Dump') which can be
opened in WinDbg.

This tool can help if VMCoreInfo device/driver is absent in Windows VM and
'dump-guest-memory -w' is not available but dump can be created in ELF format.

elf2dmp differs from other universal converters in method of determining of
virtual memory layout. The tool uses register values from QEMU ELF dump file
to do it. In particular, it uses KERNEL_GS_BASE value added to dump format in
QEMU 3.0.

Even if KERNEL_GS_BASEs are absent in ELF dump file, at least 1 vCPU with
kernel task can be found quite often and virtual memory layout can be
determined.

Viktor Prutyanov (5):
  dump: move Windows dump structures definitions
  contrib: add elf2dmp tool
  contrib/elf2dmp: improve paging root selection
  contrib/elf2dmp: add DMP file name as 2nd argument
  contrib/elf2dmp: add 1GB and 2MB pages support

 Makefile                      |   5 +
 Makefile.objs                 |   1 +
 configure                     |   3 +
 contrib/elf2dmp/Makefile.objs |   1 +
 contrib/elf2dmp/addrspace.c   | 236 +++++++++++++++++
 contrib/elf2dmp/addrspace.h   |  44 ++++
 contrib/elf2dmp/download.c    |  50 ++++
 contrib/elf2dmp/download.h    |  13 +
 contrib/elf2dmp/err.h         |  13 +
 contrib/elf2dmp/kdbg.h        | 194 ++++++++++++++
 contrib/elf2dmp/main.c        | 594 ++++++++++++++++++++++++++++++++++++++++++
 contrib/elf2dmp/pdb.c         | 331 +++++++++++++++++++++++
 contrib/elf2dmp/pdb.h         | 241 +++++++++++++++++
 contrib/elf2dmp/pe.h          | 121 +++++++++
 contrib/elf2dmp/qemu_elf.c    | 172 ++++++++++++
 contrib/elf2dmp/qemu_elf.h    |  51 ++++
 include/qemu/win_dump_defs.h  | 179 +++++++++++++
 win_dump.h                    | 166 +-----------
 18 files changed, 2253 insertions(+), 162 deletions(-)
 create mode 100644 contrib/elf2dmp/Makefile.objs
 create mode 100644 contrib/elf2dmp/addrspace.c
 create mode 100644 contrib/elf2dmp/addrspace.h
 create mode 100644 contrib/elf2dmp/download.c
 create mode 100644 contrib/elf2dmp/download.h
 create mode 100644 contrib/elf2dmp/err.h
 create mode 100644 contrib/elf2dmp/kdbg.h
 create mode 100644 contrib/elf2dmp/main.c
 create mode 100644 contrib/elf2dmp/pdb.c
 create mode 100644 contrib/elf2dmp/pdb.h
 create mode 100644 contrib/elf2dmp/pe.h
 create mode 100644 contrib/elf2dmp/qemu_elf.c
 create mode 100644 contrib/elf2dmp/qemu_elf.h
 create mode 100644 include/qemu/win_dump_defs.h

-- 
2.7.4

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH 0/5] contrib: add elf2dmp tool, Viktor Prutyanov <=
- [Qemu-devel] [PATCH 5/5] contrib/elf2dmp: add 1GB and 2MB pages support, Viktor Prutyanov, 2018/08/29
- [Qemu-devel] [PATCH 3/5] contrib/elf2dmp: improve paging root selection, Viktor Prutyanov, 2018/08/29
- [Qemu-devel] [PATCH 4/5] contrib/elf2dmp: add DMP file name as 2nd argument, Viktor Prutyanov, 2018/08/29
- [Qemu-devel] [PATCH 1/5] dump: move Windows dump structures definitions, Viktor Prutyanov, 2018/08/29

Prev by Date: [Qemu-devel] [PATCH 5/5] contrib/elf2dmp: add 1GB and 2MB pages support
Next by Date: [Qemu-devel] [PATCH 3/5] contrib/elf2dmp: improve paging root selection
Previous by thread: [Qemu-devel] [PATCH 0/2] virtio-gpu: add iommu support
Next by thread: [Qemu-devel] [PATCH 5/5] contrib/elf2dmp: add 1GB and 2MB pages support
Index(es):
- Date
- Thread