Open ghost opened 2 months ago
Hi!
This problem seems more related to your specific configuration and setup rather than DynamoRIO itself.
I'd suggest you post this issue on: https://groups.google.com/g/DynamoRIO-Users to reach a wider audience, so we can work it out, and if this is an actual bug in DynamoRIO we can post a more precise (and actionable) issue here on Github.
In the meantime, I'd suggest you add `-loglevel 4` to drrun.exe and check the log (and add it to your "DynamoRIO-Users group" post) to see if there is any useful information there.
Looks like this is being discussed here: https://groups.google.com/g/dynamorio-users/c/W97-BSreDy8
It seems like the issue is triggered by an OS without YMM support. The problem went away when the CPU supported the feature.
Culprit stacktrace:
# Child-SP RetAddr Call Site
00 0000006a`57f0f718 00000000`153d2897 0x0
01 0000006a`57f0f720 00000000`15384b62 dynamorio!nt_get_context_size(unsigned long flags = 0x10000b)+0x17 [C:\tools\src\dynamorio\core\win32\ntdll.c @ 5405]
02 0000006a`57f0f760 00000000`15375b8b dynamorio!os_take_over_thread(struct _dcontext_t * dcontext = 0x0000022f`15b95200, void * hthread = 0x00000000`00000100, unsigned int64 tid = 0x1ab0, char suspended = 0n0 '')+0x72 [C:\tools\src\dynamorio\core\win32\os.c @ 2512]
03 0000006a`57f0f7e0 00000000`15015980 dynamorio!os_take_over_all_unknown_threads(struct _dcontext_t * dcontext = 0x0000022f`15b95200)+0x26b [C:\tools\src\dynamorio\core\win32\os.c @ 2728]
04 0000006a`57f0f880 00000000`1534e7a0 dynamorio!dynamorio_take_over_threads(struct _dcontext_t * dcontext = 0x0000022f`15b95200)+0x170 [C:\tools\src\dynamorio\core\dynamo.c @ 2925]
05 0000006a`57f0f930 00000000`15026d10 dynamorio!dynamo_start(struct _priv_mcontext_t * mc = 0x0000006a`57f0faa0)+0xd0 [C:\tools\src\dynamorio\core\arch\x86_code.c @ 112]
06 0000006a`57f0f9d0 00000000`15027115 dynamorio!dynamorio_app_take_over_helper(struct _priv_mcontext_t * mc = 0x0000006a`57f0faa0)+0x300 [C:\tools\src\dynamorio\core\dynamo.c @ 2999]
07 0000006a`57f0fa30 00000000`15426e49 dynamorio!dynamorio_earliest_init_takeover_C(unsigned char * arg_ptr = 0x0000022f`15811000 "", struct _priv_mcontext_t * mc = 0x0000006a`57f0faa0)+0x135 [C:\tools\src\dynamorio\core\dynamo.c @ 3068]
08 0000006a`57f0fa80 0000022f`15811000 dynamorio!dynamorio_earliest_init_takeover(void)+0x83 [C:\tools\src\dynamorio\build\core\x86.asm_core.s @ 4877]
09 0000006a`57f0fa88 0000006a`57f0faa0 0x0000022f`15811000
0a 0000006a`57f0fa90 00000000`00000000 0x0000006a`57f0faa0
Pasting from https://groups.google.com/g/dynamorio-users/c/W97-BSreDy8/m/lmTDvp02AQAJ
ntdll_RtlGetExtendedContextLength does look like a problem, initialized under YMM_ENABLED but used outside. Probably your VM does not have it enabled. Looks like a real bug. Presumably those Rtl routines are still there and still work: is that YMM_ENABLED conditional needed?
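Added illustration of the failure pattern named in the comment above (this is example code written for this page, not DynamoRIO source; every identifier in it is a hypothetical stand-in, and the context sizes are constructed values). It shows the two things a reader of the stack trace wants: how to ask the OS, not just the CPU, whether YMM state is enabled (CPUID.1:ECX.OSXSAVE then XGETBV on XCR0), and why a routine pointer populated only under that condition but called unconditionally produces the `0x0` call site in frame 00 of the posted trace, alongside a resolve-and-guard shape that cannot do that.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#if (defined(__x86_64__) || defined(__i386__)) && defined(__GNUC__)
#include <cpuid.h>
#endif

/* Hypothetical stand-in for an OS-exported routine that reports the size of
 * an extended (XSAVE-area) thread context.  Returns 0 on success. */
typedef uint32_t (*ext_ctx_len_fn_t)(uint32_t flags, uint32_t *len);

static uint32_t stub_get_extended_context_length(uint32_t flags, uint32_t *len) {
    (void)flags;
    *len = 4096u;   /* constructed value, larger than the legacy context */
    return 0;
}

/* Constructed fallback size used when no extended routine is available. */
#define LEGACY_CONTEXT_SIZE 1232u

/* Does the OS (not just the CPU) have YMM state enabled?
 * CPUID.1:ECX bit 27 (OSXSAVE) must be set before XGETBV may execute, and
 * XCR0 bits 1 and 2 (SSE and AVX state) must both be set.  A hypervisor can
 * hide AVX entirely, or a kernel can leave XCR0.AVX clear, so the CPUID AVX
 * bit alone is not the right question. */
bool os_ymm_enabled(void) {
#if (defined(__x86_64__) || defined(__i386__)) && defined(__GNUC__)
    unsigned int eax, ebx, ecx, edx;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return false;
    if (!(ecx & (1u << 27)) || !(ecx & (1u << 28)))
        return false;                       /* no OSXSAVE or no AVX */
    uint32_t xcr0_lo, xcr0_hi;
    __asm__ volatile("xgetbv" : "=a"(xcr0_lo), "=d"(xcr0_hi) : "c"(0));
    (void)xcr0_hi;
    return (xcr0_lo & 0x6u) == 0x6u;
#else
    return false;                           /* non-x86 or non-GNU toolchain */
#endif
}

/* The pattern the thread points at: the routine is resolved only when YMM is
 * enabled, but callers use it unconditionally, so with ymm == false the
 * pointer stays NULL and the first call lands on address 0. */
ext_ctx_len_fn_t resolve_gated(bool ymm) {
    return ymm ? stub_get_extended_context_length : NULL;
}

/* Corrected shape: the comment above presumes the Rtl routine is exported
 * regardless of YMM, so resolve it unconditionally and let the caller's
 * flags, not the pointer's presence, carry the YMM decision. */
ext_ctx_len_fn_t resolve_ungated(bool ymm) {
    (void)ymm;
    return stub_get_extended_context_length;
}

/* Defensive caller: never jump through an unresolved pointer; fall back to
 * the legacy size instead. */
uint32_t context_size(ext_ctx_len_fn_t fn, uint32_t flags) {
    uint32_t len = 0;
    if (fn != NULL && fn(flags, &len) == 0)
        return len;
    return LEGACY_CONTEXT_SIZE;
}

int main(void) {
    bool ymm = os_ymm_enabled();
    printf("OS YMM enabled: %s\n", ymm ? "yes" : "no");
    printf("gated resolve with ymm=false -> %s\n",
           resolve_gated(false) ? "routine" : "NULL (would crash at 0x0)");
    printf("ungated size (flags=0x10000b): %u\n",
           context_size(resolve_ungated(ymm), 0x10000bu));
    printf("guarded size with NULL routine: %u\n",
           context_size(NULL, 0x10000bu));
    return 0;
}
```

Run it inside the VM in question and on the host: a "no" from `os_ymm_enabled` on the guest with a "yes" on the host is the configuration the thread describes, and it is exactly the case in which `resolve_gated(false)` hands back NULL to a caller that never checks it.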
Describe the bug
Originally, I was trying to get WinAFL working on Windows 10. Down the rabbit hole I ended up here, as a dry run without any client cannot be completed without an error.
I tried the latest version, the stable version and the previous stable version with no luck. I compiled a debug build from source, with the same results.
This is the command I ran, but every single program I run ends the same way:
drrun.exe -debug -- ipconfig
And this is the output:
Versions
What version of DynamoRIO are you using? commit 525020b3dd1404175e379be9d0d48e3065a18d1e
Does the latest build from https://github.com/DynamoRIO/dynamorio/releases solve the problem? No
What operating system version are you running on? ("Windows 10" is not sufficient: give the release number.) Windows 10.0.19045 Build 19045
Is your application 32-bit or 64-bit? 64-bit
Additional context
Windows is actually running in a fully-accelerated VM. The host OS is macOS Sonoma 14.4.1 and the hypervisor is QEMU 8.2.1. Nevertheless, please do not let the fact that the environment is virtualized discourage you.
Now, I am aware this may not be easily reproducible, but I would still love to get to the bottom of this. Therefore, I will provide you with any more information you need; we can even schedule an online debugging session.