1 /*
2  * Windows crashdump definitions
3  *
4  * Copyright (c) 2018 Virtuozzo International GmbH
5  *
6  * This work is licensed under the terms of the GNU GPL, version 2 or later.
7  * See the COPYING file in the top-level directory.
8  *
9  */
10 
11 #ifndef QEMU_WIN_DUMP_DEFS_H
12 #define QEMU_WIN_DUMP_DEFS_H
13 
/*
 * One entry of the Run[] table in WinDumpPhyMemDesc64: a base page and a
 * page count, 16 bytes in total.
 *
 * NOTE(review): the field names suggest page frame numbers rather than byte
 * addresses -- confirm against the code that fills and walks the runs.
 * Consumers that convert to byte offsets should check that
 * BasePage + PageCount and any multiplication by the page size cannot wrap.
 */
typedef struct WinDumpPhyMemRun64 {
    uint64_t BasePage;
    uint64_t PageCount;
} QEMU_PACKED WinDumpPhyMemRun64;
18 
/*
 * Physical memory descriptor of a 64-bit Windows crash dump: a run count, a
 * total page count and a fixed table of 43 runs.
 *
 * Without padding the members occupy 4 + 4 + 8 + 43 * 16 = 704 bytes, which
 * is the size of PhysicalMemoryBlockBuffer in WinDumpHeader64.
 *
 * NOTE(review): NumberOfRuns is a full 32-bit value while Run[] holds only
 * 43 entries.  If this descriptor is filled from guest memory or from a dump
 * file it is untrusted input: reject NumberOfRuns > 43 before indexing Run[],
 * and do not assume NumberOfPages equals the sum of the PageCount fields.
 */
typedef struct WinDumpPhyMemDesc64 {
    uint32_t NumberOfRuns;      /* number of Run[] entries in use */
    uint32_t unused;
    uint64_t NumberOfPages;
    WinDumpPhyMemRun64 Run[43];
} QEMU_PACKED WinDumpPhyMemDesc64;
25 
/*
 * Exception record embedded in WinDumpHeader64 (member "Exception").
 *
 * Without padding the members occupy 4 + 4 + 8 + 8 + 4 + 4 + 15 * 8 = 152
 * bytes.
 *
 * NOTE(review): NumberParameters is a 32-bit value while
 * ExceptionInformation[] has 15 slots; a consumer that loops over the
 * parameters should clamp the count to 15 first if the record can come from
 * an untrusted dump or guest.
 */
typedef struct WinDumpExceptionRecord {
    uint32_t ExceptionCode;
    uint32_t ExceptionFlags;
    uint64_t ExceptionRecord;
    uint64_t ExceptionAddress;
    uint32_t NumberParameters;
    uint32_t unused;
    uint64_t ExceptionInformation[15];
} QEMU_PACKED WinDumpExceptionRecord;
35 
/*
 * Header of a 64-bit Windows crash dump.
 *
 * The struct is declared QEMU_PACKED and its member sizes add up to exactly
 * 8192 bytes (0x2000); the trailing reserved[] array supplies the padding
 * needed to reach that size.
 *
 * NOTE(review): wherever an instance is populated from guest memory or from
 * a file, every field is untrusted input.  Counts (NumberProcessors,
 * PhysicalMemoryBlock.NumberOfRuns, Exception.NumberParameters) need range
 * checks, and the 64-bit values that look like guest addresses
 * (DirectoryTableBase, PfnDatabase, PsLoadedModuleList, PsActiveProcessHead,
 * KdDebuggerDataBlock) must not be dereferenced without validation.
 */
typedef struct WinDumpHeader64 {
    /*
     * Fixed four-byte tags: the arrays leave no room for a terminating NUL,
     * so compare them with a length-bounded comparison, never strcmp().
     */
    char Signature[4];
    char ValidDump[4];
    uint32_t MajorVersion;
    uint32_t MinorVersion;
    uint64_t DirectoryTableBase;
    uint64_t PfnDatabase;
    uint64_t PsLoadedModuleList;
    uint64_t PsActiveProcessHead;
    uint32_t MachineImageType;
    uint32_t NumberProcessors;
    /*
     * Bug check code plus four parameters, overlaid with a raw byte view of
     * the same 40 bytes (4 + 4 + 4 * 8).
     */
    union {
        struct {
            uint32_t BugcheckCode;
            uint32_t unused0;
            uint64_t BugcheckParameter1;
            uint64_t BugcheckParameter2;
            uint64_t BugcheckParameter3;
            uint64_t BugcheckParameter4;
        };
        uint8_t BugcheckData[40];
    };
    uint8_t VersionUser[32];
    uint64_t KdDebuggerDataBlock;
    /*
     * Physical memory descriptor overlaid with a raw buffer; both views are
     * 704 bytes, so the run table cannot grow past 43 entries.
     */
    union {
        WinDumpPhyMemDesc64 PhysicalMemoryBlock;
        uint8_t PhysicalMemoryBlockBuffer[704];
    };
    /*
     * Raw 3000-byte area.  NOTE(review): presumably holds a CPU context such
     * as WinContext -- confirm against the writer; a copy into this buffer
     * must be bounded by sizeof(ContextBuffer).
     */
    union {
        uint8_t ContextBuffer[3000];
    };
    WinDumpExceptionRecord Exception;
    uint32_t DumpType;
    uint32_t unused1;
    uint64_t RequiredDumpSpace;
    uint64_t SystemTime;
    /*
     * Fixed-size text field; nothing in the layout guarantees a NUL
     * terminator, so bound any read or print to 128 bytes.
     */
    char Comment[128];
    uint64_t SystemUpTime;
    uint32_t MiniDumpFields;
    uint32_t SecondaryDataState;
    uint32_t ProductType;
    uint32_t SuiteMask;
    uint32_t WriterStatus;
    uint8_t unused2;
    uint8_t KdSecondaryVersion;
    uint8_t reserved[4018];     /* pads the header to 8192 bytes */
} QEMU_PACKED WinDumpHeader64;
83 
/*
 * Field offsets for the 64-bit KDBG layout, listed in ascending order.
 *
 * NOTE(review): presumably byte offsets into the kernel debugger data block
 * that WinDumpHeader64.KdDebuggerDataBlock refers to -- confirm against the
 * consumer.  Values fetched at these offsets would come from guest memory and
 * should be treated as untrusted (validate before using them as addresses).
 */
#define KDBG_OWNER_TAG_OFFSET64           0x10
#define KDBG_KI_BUGCHECK_DATA_OFFSET64    0x88
#define KDBG_MM_PFN_DATABASE_OFFSET64     0xC0
#define KDBG_KI_PROCESSOR_BLOCK_OFFSET64  0x218
#define KDBG_OFFSET_PRCB_CONTEXT_OFFSET64 0x338
89 
/*
 * Size in bytes of the ELF note header that precedes the vmcoreinfo payload.
 * NOTE(review): 24 is presumably the 12-byte note header plus the note name
 * padded to 12 bytes -- confirm against the code that skips this header, and
 * check the note is at least this long before subtracting.
 */
#define VMCOREINFO_ELF_NOTE_HDR_SIZE 24
91 
/*
 * Values for WinContext.ContextFlags.
 *
 * WIN_CTX_X64 is the architecture marker; the low bits select which register
 * groups of the context are meant to be valid.  The literals keep the same
 * spelling as the Windows CONTEXT_* constants they appear to mirror.
 */
#define WIN_CTX_X64 0x00100000L

#define WIN_CTX_CTL 0x00000001L     /* control registers */
#define WIN_CTX_INT 0x00000002L     /* integer registers */
#define WIN_CTX_SEG 0x00000004L     /* segment registers */
#define WIN_CTX_FP  0x00000008L     /* floating point state */
#define WIN_CTX_DBG 0x00000010L     /* debug registers */

/* Control + integer + floating point, tagged as x64. */
#define WIN_CTX_FULL \
    (WIN_CTX_X64 | WIN_CTX_CTL | WIN_CTX_INT | WIN_CTX_FP)
/* Everything in WIN_CTX_FULL plus segment and debug registers. */
#define WIN_CTX_ALL \
    (WIN_CTX_FULL | WIN_CTX_SEG | WIN_CTX_DBG)
102 
/*
 * Bug check code 0x161.
 * NOTE(review): presumably written to WinDumpHeader64.BugcheckCode when the
 * dump is taken from a running guest rather than after a crash -- confirm
 * against the dump writer.
 */
#define LIVE_SYSTEM_DUMP 0x00000161
104 
/*
 * 128-bit value split into an unsigned low half and a signed high half,
 * declared with QEMU_ALIGNED(16).  Used for the FloatRegisters, XmmRegisters
 * and VectorRegister arrays of WinContext.
 */
typedef struct WinM128A {
    uint64_t low;
    int64_t high;       /* signed, unlike the low half */
} QEMU_ALIGNED(16) WinM128A;
109 
/*
 * x86-64 CPU context record in the layout used by Windows crash dumps.
 *
 * The struct is declared QEMU_ALIGNED(16) rather than QEMU_PACKED.  With
 * natural alignment the members add up to 1232 bytes (0x4D0) with no internal
 * padding, and FltSave starts at offset 256, a multiple of 16.
 *
 * NOTE(review): ContextFlags (see the WIN_CTX_* values) indicates which
 * register groups are meant to be valid; a consumer should not trust groups
 * that are not flagged.  Zero-initialise the struct before filling it so that
 * unused fields and the Reserved* members do not carry stale host memory into
 * the dump.
 */
typedef struct WinContext {
    uint64_t PHome[6];

    uint32_t ContextFlags;
    uint32_t MxCsr;     /* a second MxCsr field exists inside FltSave */

    uint16_t SegCs;
    uint16_t SegDs;
    uint16_t SegEs;
    uint16_t SegFs;
    uint16_t SegGs;
    uint16_t SegSs;
    uint32_t EFlags;

    /* Debug registers. */
    uint64_t Dr0;
    uint64_t Dr1;
    uint64_t Dr2;
    uint64_t Dr3;
    uint64_t Dr6;
    uint64_t Dr7;

    /* General-purpose registers; note the Rax, Rcx, Rdx, Rbx order. */
    uint64_t Rax;
    uint64_t Rcx;
    uint64_t Rdx;
    uint64_t Rbx;
    uint64_t Rsp;
    uint64_t Rbp;
    uint64_t Rsi;
    uint64_t Rdi;
    uint64_t R8;
    uint64_t R9;
    uint64_t R10;
    uint64_t R11;
    uint64_t R12;
    uint64_t R13;
    uint64_t R14;
    uint64_t R15;

    uint64_t Rip;

    /*
     * Floating point / SSE save area: 32 bytes of control fields, 8 x 16
     * bytes of x87 registers, 16 x 16 bytes of XMM registers and 96 reserved
     * bytes, 512 bytes in total.
     * NOTE(review): this matches the size of an FXSAVE image -- presumably
     * that format; confirm before copying one in directly.
     */
    struct {
        uint16_t ControlWord;
        uint16_t StatusWord;
        uint8_t TagWord;
        uint8_t Reserved1;
        uint16_t ErrorOpcode;
        uint32_t ErrorOffset;
        uint16_t ErrorSelector;
        uint16_t Reserved2;
        uint32_t DataOffset;
        uint16_t DataSelector;
        uint16_t Reserved3;
        uint32_t MxCsr;
        uint32_t MxCsr_Mask;
        WinM128A FloatRegisters[8];
        WinM128A XmmRegisters[16];
        uint8_t Reserved4[96];
    } FltSave;

    WinM128A VectorRegister[26];
    uint64_t VectorControl;

    uint64_t DebugControl;
    uint64_t LastBranchToRip;
    uint64_t LastBranchFromRip;
    uint64_t LastExceptionToRip;
    uint64_t LastExceptionFromRip;
} QEMU_ALIGNED(16) WinContext;
178 
179 #endif /* QEMU_WIN_DUMP_DEFS_H */
180