Rizin
unix-like reverse engineering framework and cli tools
mdmp_specs.h
Go to the documentation of this file.
1 // SPDX-FileCopyrightText: 2016 Davis
2 // SPDX-FileCopyrightText: 2016 Alex Kornitzer <alex.kornitzer@countercept.com>
3 // SPDX-License-Identifier: LGPL-3.0-only
4 
5 #ifndef MDMP_SPECS_H
6 #define MDMP_SPECS_H
7 
8 #include <rz_types_base.h>
9 
10 #include "mdmp_windefs.h"
11 
12 #define MDMP_MEM_COMMIT 0x01000
13 #define MDMP_MEM_FREE 0x10000
14 #define MDMP_MEM_RESERVE 0x02000
15 
16 #define MDMP_MEM_IMAGE 0x1000000
17 #define MDMP_MEM_MAPPED 0x0040000
18 #define MDMP_MEM_PRIVATE 0x0020000
19 
20 #define MDMP_PROCESSOR_ARCHITECTURE_INTEL 0x0000
21 #define MDMP_PROCESSOR_ARCHITECTURE_ARM 0x0005
22 #define MDMP_PROCESSOR_ARCHITECTURE_IA64 0x0006
23 #define MDMP_PROCESSOR_ARCHITECTURE_AMD64 0x0009
24 #define MDMP_PROCESSOR_ARCHITECTURE_UNKNOWN 0xFFFF
25 
26 #define MDMP_VER_NT_WORKSTATION 0x0000001
27 #define MDMP_VER_NT_DOMAIN_CONTROLLER 0x0000002
28 #define MDMP_VER_NT_SERVER 0x0000003
29 
30 #define MDMP_VER_PLATFORM_WIN32s 0x0000
31 #define MDMP_VER_PLATFORM_WIN32_WINDOWS 0x0001
32 #define MDMP_VER_PLATFORM_WIN32_NT 0x0002
33 
34 #define MDMP_VER_SUITE_SMALLBUSINESS 0x00000001
35 #define MDMP_VER_SUITE_ENTERPRISE 0x00000002
36 #define MDMP_VER_SUITE_BACKOFFICE 0x00000004
37 #define MDMP_VER_SUITE_TERMINAL 0x00000010
38 #define MDMP_VER_SUITE_SMALLBUSINESS_RESTRICTED 0x00000020
39 #define MDMP_VER_SUITE_EMBEDDEDNT 0x00000040
40 #define MDMP_VER_SUITE_DATACENTER 0x00000080
41 #define MDMP_VER_SUITE_SINGLEUSERTS 0x00000100
42 #define MDMP_VER_SUITE_PERSONAL 0x00000200
43 #define MDMP_VER_SUITE_BLADE 0x00000400
44 #define MDMP_VER_SUITE_STORAGE_SERVER 0x00002000
45 #define MDMP_VER_SUITE_COMPUTE_SERVER 0x00004000
46 
47 #define MDMP_MAGIC "\x4D\x44\x4D\x50\x93\xA7"
48 
49 #define AVRF_MAX_TRACES 32
50 
51 #define MINIDUMP_PAGE_NOACCESS 0x00000001
52 #define MINIDUMP_PAGE_READONLY 0x00000002
53 #define MINIDUMP_PAGE_READWRITE 0x00000004
54 #define MINIDUMP_PAGE_WRITECOPY 0x00000008
55 #define MINIDUMP_PAGE_EXECUTE 0x00000010
56 #define MINIDUMP_PAGE_EXECUTE_READ 0x00000020
57 #define MINIDUMP_PAGE_EXECUTE_READWRITE 0x00000040
58 #define MINIDUMP_PAGE_EXECUTE_WRITECOPY 0x00000080
59 #define MINIDUMP_PAGE_GUARD 0x00000100
60 #define MINIDUMP_PAGE_NOCACHE 0x00000200
61 #define MINIDUMP_PAGE_WRITECOMBINE 0x00000400
62 #define MINIDUMP_PAGE_TARGETS_INVALID 0x40000000
63 #define MINIDUMP_PAGE_TARGETS_NO_UPDATE 0x40000000
64 
65 #define MINIDUMP_MISC1_PROCESS_ID 0x00000001
66 #define MINIDUMP_MISC1_PROCESS_TIMES 0x00000002
67 #define MINIDUMP_MISC1_PROCESSOR_POWER_INFO 0x00000004
68 
69 #define MINIDUMP_THREAD_INFO_ERROR_THREAD 0x00000001
70 #define MINIDUMP_THREAD_INFO_WRITING_THREAD 0x00000002
71 #define MINIDUMP_THREAD_INFO_EXITED_THREAD 0x00000004
72 #define MINIDUMP_THREAD_INFO_INVALID_INFO 0x00000008
73 #define MINIDUMP_THREAD_INFO_INVALID_CONTEXT 0x00000010
74 #define MINIDUMP_THREAD_INFO_INVALID_TEB 0x00000020
75 
76 typedef ut32 rva_t;
77 typedef ut64 rva64_t;
78 
79 /* Identifies the type of information returned by the MiniDumpCallback
80  * function. */
81 typedef enum minidump_callback_type_t {
82  MODULE_CALLBACK,
83  THREAD_CALLBACK,
84  THREAD_EX_CALLBACK,
85  INCLUDE_THREAD_CALLBACK,
86  INCLUDE_MODULE_CALLBACK,
87  MEMORY_CALLBACK,
88  CANCEL_CALLBACK,
89  WRITE_KERNEL_MINIDUMP_CALLBACK,
90  KERNEL_MINIDUMP_STATUS_CALLBACK,
91  REMOVE_MEMORY_CALLBACK,
92  INCLUDE_VM_REGION_CALLBACK,
93  IO_START_CALLBACK,
94  IO_WRITE_ALL_CALLBACK,
95  IO_FINISH_CALLBACK,
96  READ_MEMORY_FAILURE_CALLBACK,
97  SECONDARY_FLAGS_CALLBACK
98 } minidump_callback_type;
99 
100 /* Identifies the type of object-specific information. */
101 typedef enum minidump_handle_object_information_type_t {
102  MINI_HANDLE_OBJECT_INFORMATION_NONE,
103  MINI_THREAD_INFORMATION_1,
104  MINI_MUTANT_INFORMATION_1,
105  MINI_MUTANT_INFORMATION_2,
106  MINI_PROCESS_INFORMATION_1,
107  MINI_PROCESS_INFORMATION_2
108 } minidump_handle_object_information_type;
109 
110 typedef enum minidump_secondary_flags_t {
111  MINI_SECONDARY_WITHOUT_POWER_INFO = 0X00000001
112 } minidump_secondary_flags;
113 
114 /* Represents the type of a minidump data stream. */
115 typedef enum minidump_stream_type_t {
116  UNUSED_STREAM = 0,
117  RESERVED_STREAM_0 = 1,
118  RESERVED_STREAM_1 = 2,
119  THREAD_LIST_STREAM = 3,
120  MODULE_LIST_STREAM = 4,
121  MEMORY_LIST_STREAM = 5,
122  EXCEPTION_STREAM = 6,
123  SYSTEM_INFO_STREAM = 7,
124  THREAD_EX_LIST_STREAM = 8,
125  MEMORY_64_LIST_STREAM = 9,
126  COMMENT_STREAM_A = 10,
127  COMMENT_STREAM_W = 11,
128  HANDLE_DATA_STREAM = 12,
129  FUNCTION_TABLE_STREAM = 13,
130  UNLOADED_MODULE_LIST_STREAM = 14,
131  MISC_INFO_STREAM = 15,
132  MEMORY_INFO_LIST_STREAM = 16,
133  THREAD_INFO_LIST_STREAM = 17,
134  HANDLE_OPERATION_LIST_STREAM = 18,
135  TOKEN_STREAM = 19,
136  JAVASCRIPT_DATA_STREAM = 20,
137  SYSTEM_MEMORY_INFO_STREAM = 21,
138  PROCESS_VM_COUNTERS_STREAM = 22,
139  IPT_TRACE_STREAM = 23,
140  THREAD_NAMES_STREAM = 24,
141  LAST_RESERVED_STREAM = 0xffff
142 } minidump_stream_type;
143 
144 /* Identifies the type of information that will be written to the minidump file
145  * by the MiniDumpWriteDump function. */
146 typedef enum minidump_type_t {
147  MINI_DUMP_NORMAL = 0x00000000,
148  MINI_DUMP_WITH_DATA_SEGS = 0x00000001,
149  MINI_DUMP_WITH_FULL_MEMORY = 0x00000002,
150  MINI_DUMP_WITH_HANDLE_DATA = 0x00000004,
151  MINI_DUMP_FILTER_MEMORY = 0x00000008,
152  MINI_DUMP_SCAN_MEMORY = 0x00000010,
153  MINI_DUMP_WITH_UNLOADED_MODULES = 0x00000020,
154  MINI_DUMP_WITHIN_DIRECTLY_REFERENCED_MEMORY = 0x00000040,
155  MINI_DUMP_FILTER_MODULE_PATHS = 0x00000080,
156  MINI_DUMP_WITH_PROCESS_THREAD_DATA = 0x00000100,
157  MINI_DUMP_WITH_PRIVATE_READ_WRITE_MEMORY = 0x00000200,
158  MINI_DUMP_WITHOUT_OPTIONAL_DATA = 0x00000400,
159  MINI_DUMP_WITH_FULL_MEMORY_INFO = 0x00000800,
160  MINI_DUMP_WITH_THREAD_INFO = 0x00001000,
161  MINI_DUMP_WITH_CODE_SEGS = 0x00002000,
162  MINI_DUMP_WITHOUT_AUXILIARY_STATE = 0x00004000,
163  MINI_DUMP_WITH_FULL_AUXILIARY_STATE = 0x00008000,
164  MINI_DUMP_WITH_PRIVATE_WRITE_COPY_MEMORY = 0x00010000,
165  MINI_DUMP_IGNORE_INACCESSIBLE_MEMORY = 0x00020000,
166  MINI_DUMP_WITH_TOKEN_INFORMATION = 0x00040000,
167  MINI_DUMP_WITH_MODULE_HEADERS = 0x00080000,
168  MINI_DUMP_FILTER_TRIAGE = 0x00100000,
169  MINI_DUMP_VALID_TYPE_FLAGS = 0x001fffff
170 } minidump_type;
171 
172 /* Identifies the type of module information that will be written to the
173  * minidump file by the MiniDumpWriteDump function. */
174 typedef enum module_write_flags_t {
175  MODULE_WRITE_MODULE = 0x0001,
176  MODULE_WRITE_DATA_SEG = 0x0002,
177  MODULE_WRITE_MISC_RECORD = 0x0004,
178  MODULE_WRITE_CV_RECORD = 0x0008,
179  MODULE_REFERENCED_BY_MEMORY = 0x0010,
180  MODULE_WRITE_TLS_DATA = 0x0020,
181  MODULE_WRITE_CODE_SEGS = 0x0040
182 } module_write_flags;
183 
184 /* Identifies the type of thread information that will be written to the
185  * minidump file by the MiniDumpWriteDump function. */
186 typedef enum thread_write_flags_t {
187  THREAD_WRITE_THREAD = 0x0001,
188  THREAD_WRITE_STACK = 0x0002,
189  THREAD_WRITE_CONTEXT = 0x0004,
190  THREAD_WRITE_BACKING_STORE = 0x0008,
191  THREAD_WRITE_INSTRUCTION_WINDOW = 0x0010,
192  THREAD_WRITE_THREAD_DATA = 0x0020,
193  THREAD_WRITE_THREAD_INFO = 0x0040
194 } thread_write_flags;
195 
196 /* Contains header information for the minidump file. */
197 RZ_PACKED(
198  struct minidump_header {
199  ut32 signature;
200  ut32 version;
201  ut32 number_of_streams;
202  rva_t stream_directory_rva;
203  ut32 check_sum;
204 
205  union {
206  ut32 reserved;
207  ut32 time_date_stamp;
208  };
209 
210  ut64 flags;
211  });
212 
213 /* Contains information describing the location of a data stream within a
214  * minidump file. */
215 RZ_PACKED(
216  struct minidump_location_descriptor {
217  ut32 data_size;
218  rva_t rva;
219  });
220 
221 /* Contains information describing the location of a data stream within a
222  * minidump file. */
223 RZ_PACKED(
224  struct minidump_location_descriptor64 {
225  ut64 data_size;
226  rva64_t rva;
227  });
228 
229 /* Describes a range of memory. */
230 RZ_PACKED(
231  struct minidump_memory_descriptor {
232  ut64 start_of_memory_range;
233  struct minidump_location_descriptor memory;
234  });
235 
236 /* Describes a range of memory. */
237 RZ_PACKED(
238  struct minidump_memory_descriptor64 {
239  ut64 start_of_memory_range;
240  ut64 data_size;
241  });
242 
243 /* Contains the information needed to access a specific data stream in a minidump file. */
244 RZ_PACKED(
245  struct minidump_directory {
246  ut32 stream_type;
247  struct minidump_location_descriptor location;
248  });
249 
250 /* Contains exception information. */
251 RZ_PACKED(
252  struct minidump_exception {
253  ut32 exception_code;
254  ut32 exception_flags;
255  ut64 exception_record;
256  ut64 exception_address;
257  ut32 number_parameters;
258  ut32 __unused_alignment;
259  ut64 exception_information[EXCEPTION_MAXIMUM_PARAMETERS];
260  });
261 
262 /* Contains exception information. */
263 RZ_PACKED(
264  struct minidump_exception_stream {
265  ut32 thread_id;
266  ut32 __alignment;
267 
268  struct minidump_exception exception_record;
269  struct minidump_location_descriptor thread_context;
270  });
271 
272 /* Describes an exception. */
273 RZ_PACKED(
274  struct minidump_exception_record {
275  ut32 exception_code;
276  ut32 exception_flags;
277 
278  struct minidump_exception_record *exception_record;
279 
280  void *exception_address;
281  ut32 number_parameters;
282  void /*ULONG_PTR*/ *exception_information[EXCEPTION_MAXIMUM_PARAMETERS];
283  });
284 
285 /* Contains an exception record with a machine-independent description of an
286  * exception and a context record with a machine-dependent description of the
287  * processor context at the time of the exception. */
288 RZ_PACKED(
289  struct minidump_exception_pointers {
290  struct minidump_exception_record exception_record;
291  void /* struct context */ *context_record;
292  });
293 
294 /* Contains the exception information written to the minidump file by the
295  * MiniDumpWriteDump function. */
296 RZ_PACKED(
297  struct minidump_exception_information {
298  ut32 thread_id;
299 
300  struct minidump_exception_pointers *exception_pointers;
301 
302  ut8 /*bool*/ client_pointers;
303  });
304 
305 /* Represents a function table stream. */
306 RZ_PACKED(
307  struct minidump_function_table_descriptor {
308  ut64 minimum_address;
309  ut64 maximum_address;
310  ut64 base_address;
311  ut32 entry_count;
312  ut32 size_of_align_pad;
313  });
314 
315 /* Represents the header for the function table stream. */
316 RZ_PACKED(
317  struct minidump_function_table_stream {
318  ut32 size_of_header;
319  ut32 size_of_descriptor;
320  ut32 size_of_native_descriptor;
321  ut32 size_of_function_entry;
322  ut32 number_of_descriptors;
323  ut32 size_of_align_pad;
324  });
325 
326 /* Represents the header for a handle data stream. */
327 RZ_PACKED(
328  struct minidump_handle_data_stream {
329  ut32 size_of_header;
330  ut32 size_of_descriptor;
331  ut32 number_of_descriptors;
332  ut32 reserved;
333  });
334 
335 /* Contains the state of an individual system handle at the time the minidump
336  * was written. */
337 RZ_PACKED(
338  struct minidump_handle_descriptor {
339  ut64 handle;
340  rva_t type_name_rva;
341  rva_t object_name_rva;
342  ut32 attributes;
343  ut32 granted_access;
344  ut32 handle_count;
345  ut32 pointer_count;
346  });
347 
348 /* Contains the state of an individual system handle at the time the minidump
349  * was written. */
350 RZ_PACKED(
351  struct minidump_handle_descriptor_2 {
352  ut64 handle;
353  rva_t type_name_rva;
354  rva_t object_name_rva;
355  ut32 attributes;
356  ut32 granted_access;
357  ut32 handle_count;
358  ut32 pointer_count;
359  rva_t object_info_rva;
360  ut32 reserved_0;
361  });
362 
363 /* Contains object-specific information for a handle. */
364 RZ_PACKED(
365  struct minidump_handle_object_information {
366  rva_t next_info_rva;
367  ut32 info_type;
368  ut32 size_of_info;
369  });
370 
371 /* Contains a list of memory ranges. */
372 RZ_PACKED(
373  struct minidump_memory_list {
374  ut32 number_of_memory_ranges;
375  struct minidump_memory_descriptor memory_ranges[];
376  });
377 
378 /* Contains a list of memory ranges. */
379 RZ_PACKED(
380  struct minidump_memory64_list {
381  ut64 number_of_memory_ranges;
382  rva64_t base_rva;
383  struct minidump_memory_descriptor64 memory_ranges[];
384  });
385 
386 /* Describes a region of memory. */
387 RZ_PACKED(
388  struct minidump_memory_info {
389  ut64 base_address;
390  ut64 allocation_base;
391  ut32 allocation_protect;
392  ut32 __alignment_1;
393  ut64 region_size;
394  ut32 state;
395  ut32 protect;
396  ut32 type;
397  ut32 __alignment_2;
398  });
399 
400 /* Contains a list of memory regions. */
401 RZ_PACKED(
402  struct minidump_memory_info_list {
403  ut32 size_of_header;
404  ut32 size_of_entry;
405  ut64 number_of_entries;
406  struct minidump_memory_info entries[];
407  });
408 
409 /* Contains a variety of information. */
410 RZ_PACKED(
411  struct minidump_misc_info {
412  ut32 size_of_info;
413  ut32 flags_1;
414  ut32 process_id;
415  ut32 process_create_time;
416  ut32 process_user_time;
417  ut32 process_kernel_time;
418  });
419 
420 /* Represents information in the miscellaneous information stream. */
421 RZ_PACKED(
422  struct minidump_misc_info_2 {
423  ut32 size_of_info;
424  ut32 flags_1;
425  ut32 process_id;
426  ut32 process_create_time;
427  ut32 process_user_time;
428  ut32 process_kernel_time;
429  ut32 processor_max_mhz;
430  ut32 processor_current_mhz;
431  ut32 processor_mhz_limit;
432  ut32 processor_max_idle_state;
433  ut32 processor_current_idle_state;
434  });
435 
436 /* Contains version information for a file. This information is language and
437  * code page independent. */
438 RZ_PACKED(
439  struct vs_fixedfileinfo {
440  ut32 dw_signature;
441  ut32 dw_struc_version;
442  ut32 dw_file_version_ms;
443  ut32 dw_file_version_ls;
444  ut32 dw_product_version_ms;
445  ut32 dw_product_version_ls;
446  ut32 dw_file_flags_mask;
447  ut32 dw_file_flags;
448  ut32 dw_file_os;
449  ut32 dw_file_type;
450  ut32 dw_file_subtype;
451  ut32 dw_file_date_ms;
452  ut32 dw_file_date_ls;
453  });
454 
455 /* Contains information for a specific module. */
456 RZ_PACKED(
457  struct minidump_module {
458  ut64 base_of_image;
459  ut32 size_of_image;
460  ut32 check_sum;
461  ut32 time_date_stamp;
462  rva_t module_name_rva;
463 
464  struct vs_fixedfileinfo version_info;
465  struct minidump_location_descriptor cv_record;
466  struct minidump_location_descriptor misc_record;
467 
468  ut64 reserved_0;
469  ut64 reserved_1;
470  });
471 
472 /* Contains a list of modules. */
473 RZ_PACKED(
474  struct minidump_module_list {
475  ut32 number_of_modules;
476  struct minidump_module modules[];
477  });
478 
479 /* Describes a string. */
480 RZ_PACKED(
481  struct minidump_string {
482  ut32 length;
483  ut16 *buffer;
484  });
485 
486 /* Contains processor and operating system information. */
487 RZ_PACKED(
488  struct minidump_system_info {
489  ut16 processor_architecture;
490  ut16 processor_level;
491  ut16 processor_revision;
492 
493  union {
494  ut16 reserved_0;
495  struct {
496  ut8 number_of_processors;
497  ut8 product_type;
498  };
499  };
500 
501  ut32 major_version;
502  ut32 minor_version;
503  ut32 build_number;
504  ut32 platform_id;
505  rva_t csd_version_rva;
506 
507  union {
508  ut32 reserved_1;
509  struct {
510  ut16 suite_mask;
511  ut16 reserved_2;
512  };
513  };
514 
515  union {
516  struct {
517  ut32 vendor_id[3];
518  ut32 version_information;
519  ut32 feature_information;
520  ut32 amd_extended_cpu_features;
521  } x86_cpu_info;
522  struct {
523  ut64 processor_features[2];
524  } other_cpu_info;
525  } cpu;
526  });
527 
528 /* Contains information for a specific thread. */
529 RZ_PACKED(
530  struct minidump_thread {
531  ut32 thread_id;
532  ut32 suspend_count;
533  ut32 priority_class;
534  ut32 priority;
535  ut64 teb;
536  struct minidump_memory_descriptor stack;
537  struct minidump_location_descriptor thread_context;
538  });
539 
540 /* Contains a list of threads. */
541 RZ_PACKED(
542  struct minidump_thread_list {
543  ut32 number_of_threads;
544  struct minidump_thread threads[0];
545  });
546 
547 /* Contains extended information for a specific thread. */
548 RZ_PACKED(
549  struct minidump_thread_ex {
550  ut32 thread_id;
551  ut32 suspend_count;
552  ut32 priority_class;
553  ut32 priority;
554  ut64 teb;
555 
556  struct minidump_memory_descriptor stack;
557  struct minidump_location_descriptor thread_context;
558  struct minidump_memory_descriptor backing_store;
559  });
560 
561 /* Contains a list of threads. */
562 RZ_PACKED(
563  struct minidump_thread_ex_list {
564  ut32 number_of_threads;
565  struct minidump_thread_ex threads[];
566  });
567 
568 /* Contains thread state information. */
569 RZ_PACKED(
570  struct minidump_thread_info {
571  ut32 thread_id;
572  ut32 dump_flags;
573  ut32 dump_error;
574  ut32 exit_status;
575  ut64 create_time;
576  ut64 exit_time;
577  ut64 kernel_time;
578  ut64 user_time;
579  ut64 start_address;
580  ut64 affinity;
581  });
582 
583 /* Contains a list of threads. */
584 RZ_PACKED(
585  struct minidump_thread_info_list {
586  ut32 size_of_header;
587  ut32 size_of_entry;
588  ut32 number_of_entries;
589  struct minidump_thread_info entries[];
590  });
591 
592 /* Contains a token information. */
593 RZ_PACKED(
594  struct minidump_token_info {
595  ut32 token_size;
596  ut32 token_id;
597  ut64 token_handle;
598  });
599 
600 /* Contains a list of token information. */
601 RZ_PACKED(
602  struct minidump_token_info_list {
603  ut32 size_of_list;
604  ut32 number_of_entries;
605  ut32 list_header_size;
606  ut32 element_header_size;
607  struct minidump_token_info entries[];
608  });
609 
610 /* Contains information about a module that has been unloaded. This information
611  * can help diagnose problems calling code that is no longer loaded. */
612 RZ_PACKED(
613  struct minidump_unloaded_module {
614  ut64 base_of_image;
615  ut32 size_of_image;
616  ut32 check_sum;
617  ut32 time_date_stamp;
618  rva_t module_name_rva;
619  });
620 
621 /* Contains a list of unloaded modules. */
622 RZ_PACKED(
623  struct minidump_unloaded_module_list {
624  ut32 size_of_header;
625  ut32 size_of_entry;
626  ut32 number_of_entries;
627  struct minidump_unloaded_module entries[];
628  });
629 
630 /* Contains user-defined information stored in a data stream. */
631 RZ_PACKED(
632  struct minidump_user_stream {
633  ut32 type;
634  ut32 buffer_size;
635  void /*PVOID*/ *buffer;
636  });
637 
638 /* Contains a list of user data streams used by the MiniDumpWriteDump function. */
639 RZ_PACKED(
640  struct minidump_user_stream_information {
641  ut32 user_stream_count;
642 
643  struct minidump_user_stream *user_stream_array;
644  });
645 
646 /* Contains information for the MiniDumpCallback function when the callback
647  * type is IncludeThreadCallback. */
648 RZ_PACKED(
649  struct minidump_include_thread_callback {
650  ut32 thread_id;
651  });
652 
653 /* Contains module information for the MiniDumpCallback function when the
654  * callback type is ModuleCallback. */
655 RZ_PACKED(
656  struct minidump_module_callback {
657  ut16 /*pwchar*/ *full_path;
658  ut64 base_of_image;
659  ut32 size_of_image;
660  ut32 check_sum;
661  ut32 time_date_stamp;
662 
663  struct vs_fixedfileinfo version_info;
664 
665  void /*pvoid*/ *cv_record;
666  ut32 size_of_cv_record;
667  void /*pvoid*/ *misc_record;
668  ut32 size_of_misc_record;
669  });
670 
671 /* Contains information for the MiniDumpCallback function when the callback
672  * type is IncludeModuleCallback. */
673 RZ_PACKED(
674  struct minidump_include_module_callback {
675  ut64 base_of_image;
676  });
677 
678 /* Contains I/O callback information. This structure is used by the
679  * MiniDumpCallback function when the callback type is IoStartCallback,
680  * IoWriteAllCallback, or IoFinishCallback. */
681 RZ_PACKED(
682  struct minidump_io_callback {
683  void /*handle*/ *Handle;
684  ut64 offset;
685  void /*pvoid*/ *buffer;
686  ut32 buffer_bytes;
687  });
688 
689 /* Contains information about a failed memory read operation. This structure is
690  * used by the MiniDumpCallback function when the callback type is
691  * ReadMemoryFailureCallback. */
692 RZ_PACKED(
693  struct minidump_read_memory_failure_callback {
694  ut64 offset;
695  ut32 bytes;
696  st32 /* HRESULT */ failure_status;
697  });
698 
699 /* Contains information returned by the MiniDumpCallback function. */
700 RZ_PACKED(
701  struct minidump_callback_output {
702  union {
703  ut32 module_write_flags;
704  ut32 thread_write_flags;
705  ut32 secondary_flags;
706  struct {
707  ut64 memory_base;
708  ut32 memory_size;
709  };
710  struct {
711  ut8 /*bool*/ check_cancel;
712  ut8 /*bool*/ cancel;
713  };
714  void /*handle*/ *handle;
715  };
716 
717  struct {
718  struct minidump_memory_info vm_region;
719  ut8 /*bool*/ should_continue;
720  };
721 
722  st32 /* HRESULT */ status;
723  });
724 
725 RZ_PACKED(
726  struct avrf_backtrace_information {
727  ut32 depth;
728  ut32 index;
729  ut64 return_addresses[AVRF_MAX_TRACES];
730  });
731 
732 RZ_PACKED(
733  struct avrf_handle_operation {
734  ut64 handle;
735  ut32 process_id;
736  ut32 thread_id;
737  ut32 operation_type;
738  ut32 spare_0;
739 
740  struct avrf_backtrace_information back_trace_information;
741  });
742 
743 /* Contains a list of handle operations. */
744 RZ_PACKED(
745  struct minidump_handle_operation_list {
746  ut32 size_of_header;
747  ut32 size_of_entry;
748  ut32 number_of_entries;
749  ut32 reserved;
750  struct avrf_handle_operation entries[];
751  });
752 
753 #endif /* MDMP_SPECS_H */
version
static char * version
Definition: acr.h:4
cpu
static ut32 cpu[32]
Definition: analysis_or1k.c:21
bytes
static ut8 bytes[32]
Definition: asm_arc.c:23
handle
static mcore_handle handle
Definition: asm_mcore.c:8
entries
RzList * entries(RzBinFile *bf)
Definition: bin_ne.c:98
signature
static char * signature(RzBinFile *bf, bool json)
Definition: bin_pe.c:117
buffer
struct buffer buffer
rva
static ut64 rva(RzBinObject *o, ut64 paddr, ut64 vaddr, int va)
Definition: cbin.c:77
length
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void static offset struct stat static buf void long static basep static whence static length const void static len static semflg const void static shmflg const struct timespec struct timespec static rem const char static group const void length
Definition: sflib.h:133
ut16
uint16_t ut16
Definition: demangler_util.h:30
ut32
uint32_t ut32
Definition: demangler_util.h:31
offset
voidpf uLong offset
Definition: ioapi.h:144
ut8
uint8_t ut8
Definition: lh5801.h:11
status
static const char struct stat static buf struct stat static buf static vhangup int status
Definition: sflib.h:145
reserved
@ reserved
Definition: lm32_isa.h:94
module_write_flags_t
module_write_flags_t
Definition: mdmp_specs.h:174
MODULE_WRITE_TLS_DATA
@ MODULE_WRITE_TLS_DATA
Definition: mdmp_specs.h:180
MODULE_WRITE_MISC_RECORD
@ MODULE_WRITE_MISC_RECORD
Definition: mdmp_specs.h:177
MODULE_WRITE_MODULE
@ MODULE_WRITE_MODULE
Definition: mdmp_specs.h:175
MODULE_WRITE_DATA_SEG
@ MODULE_WRITE_DATA_SEG
Definition: mdmp_specs.h:176
MODULE_WRITE_CV_RECORD
@ MODULE_WRITE_CV_RECORD
Definition: mdmp_specs.h:178
MODULE_WRITE_CODE_SEGS
@ MODULE_WRITE_CODE_SEGS
Definition: mdmp_specs.h:181
MODULE_REFERENCED_BY_MEMORY
@ MODULE_REFERENCED_BY_MEMORY
Definition: mdmp_specs.h:179
minidump_handle_object_information_type_t
minidump_handle_object_information_type_t
Definition: mdmp_specs.h:101
MINI_HANDLE_OBJECT_INFORMATION_NONE
@ MINI_HANDLE_OBJECT_INFORMATION_NONE
Definition: mdmp_specs.h:102
MINI_MUTANT_INFORMATION_2
@ MINI_MUTANT_INFORMATION_2
Definition: mdmp_specs.h:105
MINI_PROCESS_INFORMATION_2
@ MINI_PROCESS_INFORMATION_2
Definition: mdmp_specs.h:107
MINI_MUTANT_INFORMATION_1
@ MINI_MUTANT_INFORMATION_1
Definition: mdmp_specs.h:104
MINI_THREAD_INFORMATION_1
@ MINI_THREAD_INFORMATION_1
Definition: mdmp_specs.h:103
MINI_PROCESS_INFORMATION_1
@ MINI_PROCESS_INFORMATION_1
Definition: mdmp_specs.h:106
rva_t
ut32 rva_t
Definition: mdmp_specs.h:76
AVRF_MAX_TRACES
#define AVRF_MAX_TRACES
Definition: mdmp_specs.h:49
minidump_stream_type_t
minidump_stream_type_t
Definition: mdmp_specs.h:115
UNLOADED_MODULE_LIST_STREAM
@ UNLOADED_MODULE_LIST_STREAM
Definition: mdmp_specs.h:130
COMMENT_STREAM_A
@ COMMENT_STREAM_A
Definition: mdmp_specs.h:126
UNUSED_STREAM
@ UNUSED_STREAM
Definition: mdmp_specs.h:116
FUNCTION_TABLE_STREAM
@ FUNCTION_TABLE_STREAM
Definition: mdmp_specs.h:129
LAST_RESERVED_STREAM
@ LAST_RESERVED_STREAM
Definition: mdmp_specs.h:141
EXCEPTION_STREAM
@ EXCEPTION_STREAM
Definition: mdmp_specs.h:122
TOKEN_STREAM
@ TOKEN_STREAM
Definition: mdmp_specs.h:135
THREAD_INFO_LIST_STREAM
@ THREAD_INFO_LIST_STREAM
Definition: mdmp_specs.h:133
JAVASCRIPT_DATA_STREAM
@ JAVASCRIPT_DATA_STREAM
Definition: mdmp_specs.h:136
MISC_INFO_STREAM
@ MISC_INFO_STREAM
Definition: mdmp_specs.h:131
HANDLE_OPERATION_LIST_STREAM
@ HANDLE_OPERATION_LIST_STREAM
Definition: mdmp_specs.h:134
RESERVED_STREAM_0
@ RESERVED_STREAM_0
Definition: mdmp_specs.h:117
HANDLE_DATA_STREAM
@ HANDLE_DATA_STREAM
Definition: mdmp_specs.h:128
MODULE_LIST_STREAM
@ MODULE_LIST_STREAM
Definition: mdmp_specs.h:120
PROCESS_VM_COUNTERS_STREAM
@ PROCESS_VM_COUNTERS_STREAM
Definition: mdmp_specs.h:138
COMMENT_STREAM_W
@ COMMENT_STREAM_W
Definition: mdmp_specs.h:127
MEMORY_64_LIST_STREAM
@ MEMORY_64_LIST_STREAM
Definition: mdmp_specs.h:125
THREAD_EX_LIST_STREAM
@ THREAD_EX_LIST_STREAM
Definition: mdmp_specs.h:124
RESERVED_STREAM_1
@ RESERVED_STREAM_1
Definition: mdmp_specs.h:118
THREAD_NAMES_STREAM
@ THREAD_NAMES_STREAM
Definition: mdmp_specs.h:140
MEMORY_LIST_STREAM
@ MEMORY_LIST_STREAM
Definition: mdmp_specs.h:121
IPT_TRACE_STREAM
@ IPT_TRACE_STREAM
Definition: mdmp_specs.h:139
THREAD_LIST_STREAM
@ THREAD_LIST_STREAM
Definition: mdmp_specs.h:119
MEMORY_INFO_LIST_STREAM
@ MEMORY_INFO_LIST_STREAM
Definition: mdmp_specs.h:132
SYSTEM_INFO_STREAM
@ SYSTEM_INFO_STREAM
Definition: mdmp_specs.h:123
SYSTEM_MEMORY_INFO_STREAM
@ SYSTEM_MEMORY_INFO_STREAM
Definition: mdmp_specs.h:137
minidump_callback_type_t
minidump_callback_type_t
Definition: mdmp_specs.h:81
KERNEL_MINIDUMP_STATUS_CALLBACK
@ KERNEL_MINIDUMP_STATUS_CALLBACK
Definition: mdmp_specs.h:90
WRITE_KERNEL_MINIDUMP_CALLBACK
@ WRITE_KERNEL_MINIDUMP_CALLBACK
Definition: mdmp_specs.h:89
INCLUDE_VM_REGION_CALLBACK
@ INCLUDE_VM_REGION_CALLBACK
Definition: mdmp_specs.h:92
MODULE_CALLBACK
@ MODULE_CALLBACK
Definition: mdmp_specs.h:82
IO_START_CALLBACK
@ IO_START_CALLBACK
Definition: mdmp_specs.h:93
READ_MEMORY_FAILURE_CALLBACK
@ READ_MEMORY_FAILURE_CALLBACK
Definition: mdmp_specs.h:96
IO_FINISH_CALLBACK
@ IO_FINISH_CALLBACK
Definition: mdmp_specs.h:95
THREAD_CALLBACK
@ THREAD_CALLBACK
Definition: mdmp_specs.h:83
MEMORY_CALLBACK
@ MEMORY_CALLBACK
Definition: mdmp_specs.h:87
INCLUDE_THREAD_CALLBACK
@ INCLUDE_THREAD_CALLBACK
Definition: mdmp_specs.h:85
CANCEL_CALLBACK
@ CANCEL_CALLBACK
Definition: mdmp_specs.h:88
THREAD_EX_CALLBACK
@ THREAD_EX_CALLBACK
Definition: mdmp_specs.h:84
IO_WRITE_ALL_CALLBACK
@ IO_WRITE_ALL_CALLBACK
Definition: mdmp_specs.h:94
INCLUDE_MODULE_CALLBACK
@ INCLUDE_MODULE_CALLBACK
Definition: mdmp_specs.h:86
REMOVE_MEMORY_CALLBACK
@ REMOVE_MEMORY_CALLBACK
Definition: mdmp_specs.h:91
SECONDARY_FLAGS_CALLBACK
@ SECONDARY_FLAGS_CALLBACK
Definition: mdmp_specs.h:97
minidump_stream_type
enum minidump_stream_type_t minidump_stream_type
rva64_t
ut64 rva64_t
Definition: mdmp_specs.h:77
minidump_secondary_flags_t
minidump_secondary_flags_t
Definition: mdmp_specs.h:110
MINI_SECONDARY_WITHOUT_POWER_INFO
@ MINI_SECONDARY_WITHOUT_POWER_INFO
Definition: mdmp_specs.h:111
thread_write_flags
enum thread_write_flags_t thread_write_flags
minidump_type_t
minidump_type_t
Definition: mdmp_specs.h:146
MINI_DUMP_WITH_CODE_SEGS
@ MINI_DUMP_WITH_CODE_SEGS
Definition: mdmp_specs.h:161
MINI_DUMP_WITH_PROCESS_THREAD_DATA
@ MINI_DUMP_WITH_PROCESS_THREAD_DATA
Definition: mdmp_specs.h:156
MINI_DUMP_WITH_HANDLE_DATA
@ MINI_DUMP_WITH_HANDLE_DATA
Definition: mdmp_specs.h:150
MINI_DUMP_NORMAL
@ MINI_DUMP_NORMAL
Definition: mdmp_specs.h:147
MINI_DUMP_WITH_MODULE_HEADERS
@ MINI_DUMP_WITH_MODULE_HEADERS
Definition: mdmp_specs.h:167
MINI_DUMP_WITH_FULL_AUXILIARY_STATE
@ MINI_DUMP_WITH_FULL_AUXILIARY_STATE
Definition: mdmp_specs.h:163
MINI_DUMP_WITHOUT_AUXILIARY_STATE
@ MINI_DUMP_WITHOUT_AUXILIARY_STATE
Definition: mdmp_specs.h:162
MINI_DUMP_WITHIN_DIRECTLY_REFERENCED_MEMORY
@ MINI_DUMP_WITHIN_DIRECTLY_REFERENCED_MEMORY
Definition: mdmp_specs.h:154
MINI_DUMP_FILTER_MODULE_PATHS
@ MINI_DUMP_FILTER_MODULE_PATHS
Definition: mdmp_specs.h:155
MINI_DUMP_WITH_PRIVATE_READ_WRITE_MEMORY
@ MINI_DUMP_WITH_PRIVATE_READ_WRITE_MEMORY
Definition: mdmp_specs.h:157
MINI_DUMP_FILTER_MEMORY
@ MINI_DUMP_FILTER_MEMORY
Definition: mdmp_specs.h:151
MINI_DUMP_WITH_UNLOADED_MODULES
@ MINI_DUMP_WITH_UNLOADED_MODULES
Definition: mdmp_specs.h:153
MINI_DUMP_WITH_THREAD_INFO
@ MINI_DUMP_WITH_THREAD_INFO
Definition: mdmp_specs.h:160
MINI_DUMP_WITH_FULL_MEMORY
@ MINI_DUMP_WITH_FULL_MEMORY
Definition: mdmp_specs.h:149
MINI_DUMP_WITH_TOKEN_INFORMATION
@ MINI_DUMP_WITH_TOKEN_INFORMATION
Definition: mdmp_specs.h:166
MINI_DUMP_FILTER_TRIAGE
@ MINI_DUMP_FILTER_TRIAGE
Definition: mdmp_specs.h:168
MINI_DUMP_VALID_TYPE_FLAGS
@ MINI_DUMP_VALID_TYPE_FLAGS
Definition: mdmp_specs.h:169
MINI_DUMP_WITH_DATA_SEGS
@ MINI_DUMP_WITH_DATA_SEGS
Definition: mdmp_specs.h:148
MINI_DUMP_SCAN_MEMORY
@ MINI_DUMP_SCAN_MEMORY
Definition: mdmp_specs.h:152
MINI_DUMP_WITH_PRIVATE_WRITE_COPY_MEMORY
@ MINI_DUMP_WITH_PRIVATE_WRITE_COPY_MEMORY
Definition: mdmp_specs.h:164
MINI_DUMP_WITHOUT_OPTIONAL_DATA
@ MINI_DUMP_WITHOUT_OPTIONAL_DATA
Definition: mdmp_specs.h:158
MINI_DUMP_IGNORE_INACCESSIBLE_MEMORY
@ MINI_DUMP_IGNORE_INACCESSIBLE_MEMORY
Definition: mdmp_specs.h:165
MINI_DUMP_WITH_FULL_MEMORY_INFO
@ MINI_DUMP_WITH_FULL_MEMORY_INFO
Definition: mdmp_specs.h:159
minidump_handle_object_information_type
enum minidump_handle_object_information_type_t minidump_handle_object_information_type
module_write_flags
enum module_write_flags_t module_write_flags
RZ_PACKED
RZ_PACKED(struct minidump_header { ut32 signature;ut32 version;ut32 number_of_streams;rva_t stream_directory_rva;ut32 check_sum;union { ut32 reserved;ut32 time_date_stamp;};ut64 flags;})
minidump_secondary_flags
enum minidump_secondary_flags_t minidump_secondary_flags
minidump_type
enum minidump_type_t minidump_type
minidump_callback_type
enum minidump_callback_type_t minidump_callback_type
thread_write_flags_t
thread_write_flags_t
Definition: mdmp_specs.h:186
THREAD_WRITE_BACKING_STORE
@ THREAD_WRITE_BACKING_STORE
Definition: mdmp_specs.h:190
THREAD_WRITE_CONTEXT
@ THREAD_WRITE_CONTEXT
Definition: mdmp_specs.h:189
THREAD_WRITE_THREAD
@ THREAD_WRITE_THREAD
Definition: mdmp_specs.h:187
THREAD_WRITE_INSTRUCTION_WINDOW
@ THREAD_WRITE_INSTRUCTION_WINDOW
Definition: mdmp_specs.h:191
THREAD_WRITE_THREAD_DATA
@ THREAD_WRITE_THREAD_DATA
Definition: mdmp_specs.h:192
THREAD_WRITE_THREAD_INFO
@ THREAD_WRITE_THREAD_INFO
Definition: mdmp_specs.h:193
THREAD_WRITE_STACK
@ THREAD_WRITE_STACK
Definition: mdmp_specs.h:188
mdmp_windefs.h
EXCEPTION_MAXIMUM_PARAMETERS
#define EXCEPTION_MAXIMUM_PARAMETERS
Definition: mdmp_windefs.h:8
type
int type
Definition: mipsasm.c:17
regress.modules
modules
Definition: regress.py:20
rz_types_base.h
st32
#define st32
Definition: rz_types_base.h:12
flags
static struct sockaddr static addrlen static backlog const void static flags void flags
Definition: sfsocketcall.h:123
stack
Definition: z80asm.h:140
state
Definition: dis.h:43
exit_status
static enum exit_status_type exit_status
Exit status to use. This can be changed with set_exit_status().
Definition: main.c:17
threads
static uv_thread_t * threads
Definition: threadpool.c:38
ut64
ut64(WINAPI *w32_GetEnabledXStateFeatures)()
buffer_size
#define buffer_size(buffer)
Definition: zip_source_buffer.c:70
cancel
static int cancel(char *argv[])
Definition: ziptool_regress.c:92