p:
> contrib/elf2dmp/pdb.h | 2 --
> contrib/elf2dmp/pe.h | 1 -
> contrib/elf2dmp/qemu_elf.h| 1 -
Acked-by: Viktor Prutyanov
--
Viktor Prutyanov
built both for Linux and Windows hosts.
Viktor Prutyanov (2):
contrib/elf2dmp: use GLib file mapping
contrib/elf2dmp: elf2dmp for Windows hosts
Makefile | 4 ++--
contrib/elf2dmp/Makefile.objs | 2 +-
contrib/elf2dmp/addrspace.c | 7 ---
contrib/elf2dmp/file_map.c
Replace POSIX mmap with GLib g_mapped_file_new to make elf2dmp
cross-paltform. After this patch there are no direct POSIX calls.
Signed-off-by: Viktor Prutyanov
---
Makefile | 2 +-
contrib/elf2dmp/Makefile.objs | 2 +-
contrib/elf2dmp/addrspace.c | 7 ---
contrib
After this patch elf2dmp can be built by mingw64 for Windows hosts.
Signed-off-by: Viktor Prutyanov
---
Makefile | 4 ++--
contrib/elf2dmp/kdbg.h | 12
contrib/elf2dmp/main.c | 27 +++
contrib/elf2dmp/pdb.c | 4 +++-
contrib/elf2dmp/pdb.h
On Fri, 14 Sep 2018 17:22:14 +0200
Paolo Bonzini wrote:
> On 29/08/2018 14:41, Viktor Prutyanov wrote:
> > elf2dmp is a converter from ELF dump (produced by
> > 'dump-guest-memory') to Windows MEMORY.DMP format (also know as
> > 'Complete Memory
Add myself as contrib/elf2dmp maintainer and elf2dmp as maintained.
Signed-off-by: Viktor Prutyanov
---
MAINTAINERS | 5 +
1 file changed, 5 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index d12518c08f..e70ff1e009 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1888,6 +1888,11 @@ S
built both for Linux and Windows (x86
and x86_64) hosts.
Viktor Prutyanov (6):
contrib/elf2dmp: fix elf.h including
contrib/elf2dmp: use GLib in ELF processing
contrib/elf2dmp: use GLib in PDB processing
contrib/elf2dmp: fix structures definitions
contrib/elf2dmp: fix printf format
Remove duplicate structures definitions in case of build for Windows hosts.
Signed-off-by: Viktor Prutyanov
---
contrib/elf2dmp/kdbg.h | 12
contrib/elf2dmp/pdb.h | 2 ++
contrib/elf2dmp/pe.h | 6 --
3 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/contrib
After this patch contrib/elf2dmp can be built for Windows x86 and x86_64
hosts by mingw.
Signed-off-by: Viktor Prutyanov
---
Makefile | 4 ++--
configure | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/Makefile b/Makefile
index c8b9efdad4..25acb94aa6 100644
--- a
Replace POSIX mmap with GLib g_mapped_file_new in ELF processing module
to make elf2dmp cross-platform.
Signed-off-by: Viktor Prutyanov
---
contrib/elf2dmp/qemu_elf.c | 27 ---
contrib/elf2dmp/qemu_elf.h | 2 +-
2 files changed, 9 insertions(+), 20 deletions(-)
diff
Format strings for printf are changed for successful build for Windows
hosts.
Signed-off-by: Viktor Prutyanov
---
contrib/elf2dmp/main.c | 27 +++
contrib/elf2dmp/pdb.c | 4 +++-
2 files changed, 18 insertions(+), 13 deletions(-)
diff --git a/contrib/elf2dmp/main.c b
Replace POSIX mmap with GLib g_mapped_file_new in PDB processing stage
to make elf2dmp cross-platform. There are no direct POSIX in elf2dmp
after this patch.
Signed-off-by: Viktor Prutyanov
---
contrib/elf2dmp/pdb.c | 29 -
contrib/elf2dmp/pdb.h | 2 +-
2 files
Before this patch QEMU elf.h was not actually included.
Signed-off-by: Viktor Prutyanov
---
contrib/elf2dmp/qemu_elf.h | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/contrib/elf2dmp/qemu_elf.h b/contrib/elf2dmp/qemu_elf.h
index d85d6558fa..19d1299954 100644
--- a
: Viktor Prutyanov
---
win_dump.c | 28 ++--
1 file changed, 22 insertions(+), 6 deletions(-)
diff --git a/win_dump.c b/win_dump.c
index 7d956ca996..2d9afb514e 100644
--- a/win_dump.c
+++ b/win_dump.c
@@ -144,21 +144,37 @@ static void check_kdbg(WinDumpHeader64 *h, Error **errp
ned-off-by: Viktor Prutyanov
Reviewed-by: Marc-André Lureau
---
This patch is unchanged from the one posted separately on 2018-05-01
with message-id: <20180501132031.13270-1-viktor.prutya...@virtuozzo.com>
Makefile.target | 1 +
dump.c | 24 ++-
hmp-commands.hx |
ago with message-id: <20180501132031.13270-1-viktor.prutya...@virtuozzo.com>.
The rest are various improvements on top of it, making it useful in
situations beyond immediately after a BSOD.
Viktor Prutyanov (4):
dump: add Windows dump format to dump-guest-memory
dump: use system cont
Unlike dying Windows, live system memory doesn't contain
correct register contexts. But they can be populated with QEMU register
values.
After this patch, QEMU will be able to produce guest Windows live system
dump.
Signed-off-by: Viktor Prutyanov
---
win_dump.c
We use CPU #0 to access guest virtual memory, but it can execute user
thread at that moment. So, switch CR3 to PageDirectoryBase from header
and restore original value at the end.
Signed-off-by: Viktor Prutyanov
---
win_dump.c | 26 +-
1 file changed, 17 insertions(+), 9
Fix building issues for targets other than x86_64
Signed-off-by: Viktor Prutyanov
---
Makefile.target | 2 ++
1 file changed, 2 insertions(+)
diff --git a/Makefile.target b/Makefile.target
index 6ae2609..5be6d18 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -138,7 +138,9 @@ obj-y += hw
.
Even if KERNEL_GS_BASEs are absent in ELF dump file, at least 1 vCPU with
kernel task can be found quite often and virtual memory layout can be
determined.
Viktor Prutyanov (5):
dump: move Windows dump structures definitions
contrib: add elf2dmp tool
contrib/elf2dmp: improve paging root select
After this patch 1GB and 2MB pages are being correctly processed during
virtual address resolving.
Signed-off-by: Viktor Prutyanov
---
contrib/elf2dmp/addrspace.c | 23 +++
1 file changed, 23 insertions(+)
diff --git a/contrib/elf2dmp/addrspace.c b/contrib/elf2dmp
Even if KERNEL_GS_BASEs are absent in QEMU CPU states, there
is a chance to find suitable CR3 value from CPU which runs kernel task.
Signed-off-by: Viktor Prutyanov
---
contrib/elf2dmp/main.c | 56 +++---
contrib/elf2dmp/qemu_elf.c | 16
Before this patch output DMP file name was strictly 'memory.dmp'.
Signed-off-by: Viktor Prutyanov
---
contrib/elf2dmp/main.c | 34 +++---
1 file changed, 23 insertions(+), 11 deletions(-)
diff --git a/contrib/elf2dmp/main.c b/contrib/elf2dmp/main.c
ind
This patch moves definitions of Windows dump structures to
include/qemu/win_dump_defs.h to keep create_win_dump() prototype separate.
Signed-off-by: Viktor Prutyanov
---
include/qemu/win_dump_defs.h | 179 +++
win_dump.h | 166
We should map and use guest memory run by parts if it can't be mapped as
a whole.
After this patch, continuos guest physical memory blocks which are not
continuos in host virtual address space will be processed correctly.
Signed-off-by: Viktor Prutyanov
---
win_dump.c
В Wed, 29 Aug 2018 21:30:56 +0300
Viktor Prutyanov пишет:
> We should map and use guest memory run by parts if it can't be mapped
> as a whole.
> After this patch, continuos guest physical memory blocks which are not
> continuos in host virtual address space will be pr
В Wed, 29 Aug 2018 15:41:23 +0300
Viktor Prutyanov пишет:
> elf2dmp is a converter from ELF dump (produced by
> 'dump-guest-memory') to Windows MEMORY.DMP format (also know as
> 'Complete Memory Dump') which can be opened in WinDbg.
>
> This tool can help if
: Viktor Prutyanov
---
target/i386/arch_dump.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/target/i386/arch_dump.c b/target/i386/arch_dump.c
index 35b55fc..a702138 100644
--- a/target/i386/arch_dump.c
+++ b/target/i386/arch_dump.c
@@ -237,7 +237,7 @@ int
On Wed, 11 Jul 2018 13:00:25 -0300
Eduardo Habkost wrote:
> On Tue, Jul 10, 2018 at 06:21:09PM +0300, Viktor Prutyanov wrote:
> > This patch adds field with content of KERNEL_GS_BASE MSR to QEMU
> > note in ELF dump.
> >
> > On Windows, if all vCPUs are running use
: Viktor Prutyanov
---
v2: keep version 1 in QEMUCPUState and document the extension procedure
target/i386/arch_dump.c | 8
1 file changed, 8 insertions(+)
diff --git a/target/i386/arch_dump.c b/target/i386/arch_dump.c
index 35b55fc..cc8750f 100644
--- a/target/i386/arch_dump.c
+++ b
: Viktor Prutyanov
---
v2: keep version 1 in QEMUCPUState and document the extension procedure
v3: enable kernel_gs_base filling only on x86_64
target/i386/arch_dump.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/target/i386/arch_dump.c b/target/i386/arch_dump.c
index 35b55fc200
ned-off-by: Viktor Prutyanov
---
v1: documentation updated
v2: qapi/misc.json updated with version info
v3: qapi/misc.json codestyle fixed
Makefile.target | 1 +
dump.c | 24 +++-
hmp-commands.hx | 13 ++--
hmp.c | 9 ++-
qapi/misc.json | 5 +-
win_dump.c
ned-off-by: Viktor Prutyanov
Reviewed-by: Marc-André Lureau
---
v1: documentation updated
v2: qapi/misc.json updated with version info
v3: qapi/misc.json codestyle fixed
Makefile.target | 1 +
dump.c | 24 +++-
hmp-commands.hx | 13 ++--
hmp.c | 9 ++-
qapi/misc.j
ned-off-by: Viktor Prutyanov
Reviewed-by: Marc-André Lureau
---
v1: documentation updated
v2: qapi/misc.json updated with version info
v3: qapi/misc.json codestyle fixed
v4: make error processing more quality
Makefile.target | 1 +
dump.c | 24 ++-
hmp-commands.hx | 13 +
On Thu, 17 May 2018 19:23:38 +0300
Viktor Prutyanov wrote:
> Recently a Windows guest driver has been added with the ability to
> publish the data needed to produce useful guest dumps on the
> hypervisor side. The data is wrapped in a standard VMCOREINFO
> container and is ex
On Mon, 11 Jun 2018 16:31:42 +0200
Markus Armbruster wrote:
> Looks stuck. Paolo, would you be willing to take this through your
> tree?
>
> Viktor Prutyanov writes:
>
> > This patch adds Windows crashdumping feature. Now QEMU can produce
> > ELF-dump containi
dump-guest-memory
command. At the moment, only x64 configuration is supported.
Suitable driver can be found at
https://github.com/virtio-win/kvm-guest-drivers-windows/tree/master/fwcfg64
Signed-off-by: Viktor Prutyanov
---
Makefile.target | 1 +
dump.c | 24 +++-
hmp-commands.hx | 13 +
On Tue, 17 Apr 2018 14:03:18 +0200
Marc-André Lureau wrote:
> Hi
>
> On Mon, Apr 16, 2018 at 9:40 PM, Viktor Prutyanov
> wrote:
> > This patch adds Windows crashdumping feature. Now QEMU can produce
> > crashdump file understandable for WinDbg. The crashdump will be
ned-off-by: Viktor Prutyanov
---
v1: documentation updated
Makefile.target | 1 +
dump.c | 24 +++-
hmp-commands.hx | 13 ++--
hmp.c | 9 ++-
qapi/misc.json | 4 +-
win_dump.c | 182
win_dump.h
On Tue, 17 Apr 2018 16:17:54 +0200
Marc-André Lureau wrote:
Hello,
> Hi
>
> On Tue, Apr 17, 2018 at 3:50 PM, Viktor Prutyanov
> wrote:
> > This patch adds Windows crashdumping feature. Now QEMU can produce
> > ELF-dump containing Windows crashdump header, which can
ned-off-by: Viktor Prutyanov
---
v1: documentation updated
v2: qapi/misc.json updated with version info
Makefile.target | 1 +
dump.c | 24 +++-
hmp-commands.hx | 13 ++--
hmp.c | 9 ++-
qapi/misc.json | 4 +-
win_dump.c
On Tue, 1 May 2018 16:20:31 +0300
Viktor Prutyanov wrote:
> This patch adds Windows crashdumping feature. Now QEMU can produce
> ELF-dump containing Windows crashdump header, which can help to
> convert to a valid WinDbg-understandable crashdump file, or
> immediately create su
w(vs, KiWaitAlways, &kwa, sizeof(kwa), 0))
> {
> -return NULL;
> -}
> +if (memcmp(&kdbg_hdr.OwnerTag, OwnerTag, sizeof(OwnerTag))) {
> +decode = true;
>
> printf("[KiWaitNever] = 0x%016"PRIx64"\n", kwn);
> printf("[KiWaitAlways] = 0x%016"PRIx64"\n", kwa);
Hi!
I suppose the problem is in your compiler, because kdbg_decode() is
only used when KdpDataBlockEncoded is already initialized by
SYM_RESOLVE().
--
Viktor Prutyanov
On Fri, 6 Mar 2020 02:18:07 +
"Chenqun (kuhn)" wrote:
> >-Original Message-
> >From: Viktor Prutyanov [mailto:viktor.prutya...@phystech.edu]
> >Sent: Friday, March 6, 2020 2:59 AM
> >To: Chenqun (kuhn)
> >Cc: qemu-devel@nongnu.org; pbonz...@
; address.
>
> I guess we should be checking for nt_start_addr == NULL at the
> end of the loop and treating it as a fatal error?
You're right. I will make a fix.
>
> thanks
> -- PMM
--
Viktor Prutyanov
ct/qemu/-/issues/418
Suggested-by: Hanna Reitz
Signed-off-by: Viktor Prutyanov
Tested-by: Helge Konetzka
---
v2:
- fix indentation in raw_reopen_prepare
- free rs if raw_reopen_prepare fails
v3:
- restore suggested-by field missed in v2
v4:
- add file type check
- add c
ct/qemu/-/issues/418
Suggested-by: Hanna Reitz
Signed-off-by: Viktor Prutyanov
Tested-by: Helge Konetzka
---
v2:
- fix indentation in raw_reopen_prepare
- free rs if raw_reopen_prepare fails
v3:
- restore suggested-by field missed in v2
v4:
- add file type check
- add c
ct/qemu/-/issues/418
Suggested-by: Hanna Reitz
Signed-off-by: Viktor Prutyanov
---
block/file-win32.c | 85 +-
1 file changed, 84 insertions(+), 1 deletion(-)
diff --git a/block/file-win32.c b/block/file-win32.c
index 2642088bd6..e44878e6be 100644
---
ct/qemu/-/issues/418
Signed-off-by: Viktor Prutyanov
---
v2:
- fix indentation in raw_reopen_prepare
- free rs if raw_reopen_prepare fails
block/file-win32.c | 90 +-
1 file changed, 89 insertions(+), 1 deletion(-)
diff --git a/block/file-
ct/qemu/-/issues/418
Suggested-by: Hanna Reitz
Signed-off-by: Viktor Prutyanov
---
v2:
- fix indentation in raw_reopen_prepare
- free rs if raw_reopen_prepare fails
v3:
- restore suggested-by field missed in v2
block/file-win32.c | 90 +-
izeof(r->file_used));
> r->ds.header = hdr;
> r->ds.toc = pdb_ds_read(hdr, (uint32_t *)((uint8_t *)hdr +
Looks good.
Reviewed-by: Viktor Prutyanov
--
Viktor Prutyanov
setopt(curl, CURLOPT_FOLLOWLOCATION, 1) !=
> CURLE_OK
> +|| curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 0) !=
> CURLE_OK
> +|| curl_easy_perform(curl) != CURLE_OK) {
> unlink(name);
> -goto out_curl;
> +fclose(file);
> +err = 1;
> +} else {
> +err = fclose(file);
> }
>
> -err = fclose(file);
> -
> out_curl:
> curl_easy_cleanup(curl);
>
> ---
>
Honestly, I would prefer this version over the original patch.
In any way, I have tested both of them.
--
Viktor Prutyanov
().
> Check for this and fail cleanly instead.
>
> Fixes: Coverity CID 1458869
> Signed-off-by: Peter Maydell
> Reviewed-by: Viktor Prutyanov
> Message-Id: <20210901143910.17112-3-peter.mayd...@linaro.org>
> Signed-off-by: Philippe Mathieu-Daudé
> ---
> Inf
ff-by: Philippe Mathieu-Daudé
> ---
> Informal T-b tag on
> https://lore.kernel.org/qemu-devel/20210909004313.1dadb24e@192.168.1.7/
> Tested-by: Viktor Prutyanov
>
> v1 from Peter:
> https://lore.kernel.org/qemu-devel/20210901143910.17112-2-peter.mayd...@li
Before this patch, if elf2dmp failed to find NT kernel PE magic in
allowed virtual address range, then it assumes NULL as NT kernel
address and cause segfault.
This patch fix the problem described above by checking NT kernel address
before futher processing.
Signed-off-by: Viktor Prutyanov
g, &vs, &qemu_elf)) {
> err = 1;
> -goto out_pdb;
> + goto out_kdbg;
> }
>
> if (write_dump(&ps, &header, argv[2])) {
Reviewed-by: Viktor Prutyanov
--
Viktor Prutyanov
On Fri, 14 Aug 2020 12:02:32 -0400
Pan Nengyuan wrote:
> Missing g_error_free in QEMU_Elf_init() error path. Fix that.
>
> Reported-by: Euler Robot
> Signed-off-by: Pan Nengyuan
> ---
> Cc: Viktor Prutyanov
> ---
> contrib/elf2dmp/qemu_elf.c | 1 +
> 1 file change
On Fri, 14 Aug 2020 12:02:33 -0400
Pan Nengyuan wrote:
> Missing g_error_free in pdb_init_from_file() error path. Fix that.
>
> Reported-by: Euler Robot
> Signed-off-by: Pan Nengyuan
> ---
> Cc: Viktor Prutyanov
> ---
> contrib/elf2dmp/pdb.c | 1 +
> 1 file change
101 - 158 of 158 matches
Mail list logo
