Recently a Windows guest driver has been added with the ability to publish the data needed to produce useful guest dumps on the hypervisor side. The data is wrapped in a standard VMCOREINFO container and is exposed to the hypervisor via FwCfg (see https://github.com/virtio-win/kvm-guest-drivers-windows/tree/master/fwcfg64)
This patch series extends dump-guest-memory to make use of this data and generate guest dumps in Windows crashdump format directly in QEMU (as opposed to postprocessing the traditional ELF dumps). The first patch in the series is identical to the one posted two weeks ago with message-id: <20180501132031.13270-1-viktor.prutya...@virtuozzo.com>. The rest are various improvements on top of it, making it useful in situations beyond immediately after a BSOD. Viktor Prutyanov (4): dump: add Windows dump format to dump-guest-memory dump: use system context in Windows dump dump: add fallback KDBG using in Windows dump dump: add Windows live system dump Makefile.target | 1 + dump.c | 24 +++- hmp-commands.hx | 13 +- hmp.c | 9 +- qapi/misc.json | 5 +- win_dump.c | 385 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ win_dump.h | 176 ++++++++++++++++++++++++++ 7 files changed, 604 insertions(+), 9 deletions(-) create mode 100644 win_dump.c create mode 100644 win_dump.h -- 2.14.3
