Comments (5)
Thank you very much. After changing the value of xcr0 from 0xe7 to 0x7, it works well.
Furthermore, this work of yours (wtf) is really cool and efficient. I will study it systematically. I didn't know much about KVM and virtualization; can you recommend some learning materials related to your system?
from wtf.
Can you share your regs.json?
I've seen this before; it means that the VM where I took the dump had bits in xcr0 that are not supported in the environment you're loading it in. Based on my experience it's usually the bits that enable AVX512 or some of those.
Cheers
from wtf.
The regs.json is as follows; I used the regs.json that comes from your hevd example, and the value of xcr0 is 0xe7. Do you know how to solve the problem, and is there any material that explains this area?

```json
{"rax":"0xdfd98ff3d0","rbx":"0x88","rcx":"0x88","rdx":"0xdeadbeef","rsi":"0x0","rdi":"0x0","rip":"0x7ff6f5bb111e","rsp":"0xdfd98ff380","rbp":"0x0","r8":"0xdfd98ff3d0","r9":"0x400","r10":"0x2263e823055","r11":"0x7ff6f5bcb54d","r12":"0x0","r13":"0x0","r14":"0x0","r15":"0x0","rflags":"0x206","dr0":"0x0","dr1":"0x0","dr2":"0x0","dr3":"0x0","dr6":"0xffff4ff0","dr7":"0x400","es":{"present":true,"selector":"0x2b","base":"0x0","limit":"0xffffffff","attr":"0xcf3"},"cs":{"present":true,"selector":"0x33","base":"0x0","limit":"0x0","attr":"0x22fb"},"ss":{"present":true,"selector":"0x2b","base":"0x0","limit":"0xffffffff","attr":"0xcf3"},"ds":{"present":true,"selector":"0x2b","base":"0x0","limit":"0xffffffff","attr":"0xcf3"},"fs":{"present":true,"selector":"0x53","base":"0x0","limit":"0x3c00","attr":"0x4f3"},"gs":{"present":true,"selector":"0x2b","base":"0xdfd9621000","limit":"0xffffffff","attr":"0xcf3"},"tr":{"present":true,"selector":"0x40","base":"0xfffff8047375c000","limit":"0x67","attr":"0x8b"},"ldtr":{"present":false,"selector":"0x0","base":"0x0","limit":"0x0","attr":"0x0"},"tsc":"0x2531558129a","apic_base":"0xfee00900","sysenter_cs":"0x0","sysenter_esp":"0x0","sysenter_eip":"0x0","pat":"0x7010600070106","efer":"0xd01","star":"0x23001000000000","lstar":"0xfffff8046f1cdc40","cstar":"0xfffff8046f1cd780","sfmask":"0x4700","kernel_gs_base":"0xfffff8046b6f3000","tsc_aux":"0x0","fpcw":"0x27f","fpsw":"0x0","fptw":"0x0","fpst":["0x-Infinity","0x-Infinity","0x-Infinity","0x-Infinity","0x-Infinity","0x-Infinity","0x-Infinity","0x-Infinity"],"mxcsr":"0x1f80","cr0":"0x80050033","cr2":"0x7ff6f5bbed4c","cr3":"0x101ba2000","cr4":"0x3506f8","cr8":"0x0","xcr0":"0xe7","gdtr":{"base":"0xfffff8047375dfb0","limit":"0x57"},"idtr":{"base":"0xfffff8047375b000","limit":"0xfff"},"mxcsr_mask":"0x0","fpop":"0x0"}
```
from wtf.
Oh sorry, I missed the fact you were using the file from the hevd example 🤦🏽♂️
Can you try to change the value of xcr0 from 0xe7 to 0x7 and try it again please?
Cheers
from wtf.
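An added example, not code from the wtf project or from anyone in this thread, that makes the xcr0 diagnosis above mechanical: it decodes which XSAVE state components an xcr0 value enables, masks the dump's value against the host's supported set (assumed here to be 0x7, i.e. x87/SSE/AVX, matching the fix suggested above), checks the result against the rules XSETBV enforces, and rewrites the regs.json. The sample JSON is a constructed excerpt of the hevd regs.json reduced to the relevant fields.

```python
import json

# XCR0 state-component bits (Intel SDM vol. 1, XSAVE-supported features).
XCR0_BITS = {
    0: "x87", 1: "SSE", 2: "AVX",
    3: "MPX BNDREG", 4: "MPX BNDCSR",
    5: "AVX-512 opmask", 6: "AVX-512 ZMM_Hi256", 7: "AVX-512 Hi16_ZMM",
    9: "PKRU",
}

# Constructed excerpt of the hevd regs.json: only the register under discussion plus two neighbours.
SAMPLE_REGS_JSON = '{"rax":"0xdfd98ff3d0","cr4":"0x3506f8","xcr0":"0xe7"}'

# Assumed host mask; on a real host read CPUID leaf 0xD, subleaf 0, EDX:EAX instead.
ASSUMED_HOST_XCR0 = 0x7


def decode_xcr0(value):
    """Names of the state components enabled by an XCR0 value, lowest bit first."""
    return [name for bit, name in XCR0_BITS.items() if (value >> bit) & 1]


def unsupported_bits(xcr0, host_xcr0):
    """Bits set in the dump's XCR0 that the loading host does not support."""
    return xcr0 & ~host_xcr0


def is_valid_xcr0(value):
    """XSETBV rules: x87 always on; AVX needs SSE; the three AVX-512 bits go together and need AVX."""
    if not value & 0b1:
        return False
    if value & 0b100 and not value & 0b10:
        return False
    avx512 = value & 0xe0
    if avx512 and (avx512 != 0xe0 or not value & 0b100):
        return False
    return True


def fix_regs(regs_json, host_xcr0):
    """Mask xcr0 in a wtf regs.json to the host's set; returns (new_json, names of dropped components)."""
    regs = json.loads(regs_json)
    xcr0 = int(regs["xcr0"], 16)
    dropped = unsupported_bits(xcr0, host_xcr0)
    fixed = xcr0 & host_xcr0
    if not is_valid_xcr0(fixed):
        raise ValueError(f"masked xcr0 {fixed:#x} would be rejected by XSETBV")
    regs["xcr0"] = f"{fixed:#x}"
    return json.dumps(regs), decode_xcr0(dropped)


if __name__ == "__main__":
    new_json, dropped = fix_regs(SAMPLE_REGS_JSON, ASSUMED_HOST_XCR0)
    print("dropped:", dropped)   # the three AVX-512 components
    print(new_json)              # xcr0 is now "0x7"
```

Running this on the full regs.json from the thread drops exactly the three AVX-512 components (bits 5, 6 and 7 of 0xe7), which is why 0x7 loads cleanly on a host without AVX-512.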
Awesome!
Thanks for the kind words 🙏🏽 The best references for me were:
- firecracker's code as it uses internally the same APIs that wtf uses,
- The Definitive KVM (Kernel-based Virtual Machine) API Documentation.
Cheers
from wtf.