On Fri, 14 Sep 2018 17:22:14 +0200 Paolo Bonzini <pbonz...@redhat.com> wrote:
> On 29/08/2018 14:41, Viktor Prutyanov wrote: > > elf2dmp is a converter from ELF dump (produced by > > 'dump-guest-memory') to Windows MEMORY.DMP format (also know as > > 'Complete Memory Dump') which can be opened in WinDbg. > > > > This tool can help if VMCoreInfo device/driver is absent in Windows > > VM and 'dump-guest-memory -w' is not available but dump can be > > created in ELF format. > > > > elf2dmp differs from other universal converters in method of > > determining of virtual memory layout. The tool uses register values > > from QEMU ELF dump file to do it. In particular, it uses > > KERNEL_GS_BASE value added to dump format in QEMU 3.0. > > > > Even if KERNEL_GS_BASEs are absent in ELF dump file, at least 1 > > vCPU with kernel task can be found quite often and virtual memory > > layout can be determined. > > > > Viktor Prutyanov (5): > > dump: move Windows dump structures definitions > > contrib: add elf2dmp tool > > contrib/elf2dmp: improve paging root selection > > contrib/elf2dmp: add DMP file name as 2nd argument > > contrib/elf2dmp: add 1GB and 2MB pages support > > > > Makefile | 5 + > > Makefile.objs | 1 + > > configure | 3 + > > contrib/elf2dmp/Makefile.objs | 1 + > > contrib/elf2dmp/addrspace.c | 236 +++++++++++++++++ > > contrib/elf2dmp/addrspace.h | 44 ++++ > > contrib/elf2dmp/download.c | 50 ++++ > > contrib/elf2dmp/download.h | 13 + > > contrib/elf2dmp/err.h | 13 + > > contrib/elf2dmp/kdbg.h | 194 ++++++++++++++ > > contrib/elf2dmp/main.c | 594 > > ++++++++++++++++++++++++++++++++++++++++++ > > contrib/elf2dmp/pdb.c | 331 +++++++++++++++++++++++ > > contrib/elf2dmp/pdb.h | 241 +++++++++++++++++ > > contrib/elf2dmp/pe.h | 121 +++++++++ > > contrib/elf2dmp/qemu_elf.c | 172 ++++++++++++ > > contrib/elf2dmp/qemu_elf.h | 51 ++++ > > include/qemu/win_dump_defs.h | 179 +++++++++++++ > > win_dump.h | 166 +----------- 18 files changed, > > 2253 insertions(+), 162 deletions(-) create mode 100644 > > contrib/elf2dmp/Makefile.objs create mode 100644 > > contrib/elf2dmp/addrspace.c create mode 100644 > > contrib/elf2dmp/addrspace.h create mode 100644 > > contrib/elf2dmp/download.c create mode 100644 > > contrib/elf2dmp/download.h create mode 100644 contrib/elf2dmp/err.h > > create mode 100644 contrib/elf2dmp/kdbg.h > > create mode 100644 contrib/elf2dmp/main.c > > create mode 100644 contrib/elf2dmp/pdb.c > > create mode 100644 contrib/elf2dmp/pdb.h > > create mode 100644 contrib/elf2dmp/pe.h > > create mode 100644 contrib/elf2dmp/qemu_elf.c > > create mode 100644 contrib/elf2dmp/qemu_elf.h > > create mode 100644 include/qemu/win_dump_defs.h > > > > Queued, squashing patches 2-5. Would you like to send a patch for > MAINTAINERS, adding yourself for elf2dmp? > > Paolo If I add myself to MAINTAINERS, what I will be expected to do? Viktor
