raddebugger icon indicating copy to clipboard operation
raddebugger copied to clipboard
verified publisher icon EpicGamesExt

Windows 11 insists raddbg.exe is a virus

Open forrestthewoods opened this issue 1 year ago • 8 comments

Windows is now adament that raddbg.exe is a virus. I tried adding it to the exclusion list but it's too late and that doesn't work.

image

I was initially testing the debugger on a very simple C++ project. It seemed to be working fine.

Then I tried launching the Godot editor and attaching the debugger. This worked. I was exploring the threads to find an interesting one when the debugger and Godot both crashed hard. When I went to re-launch raddbg.exe to my surprise the file was missing. I've not yet found a workaround to keep Windows from deleting it.

forrestthewoods avatar Jan 13 '24 08:01 forrestthewoods

If you try building it from source locally on your machine, then it will be less likely Defender will think it's a virus. We'll probably eventually need codesign the exe's we release, but that will come later - when we're ready for more official release, not alphas.

mmozeiko avatar Jan 13 '24 08:01 mmozeiko

I'm trying to compile from "Developer Command Prompt for VS 2022". I get this output and error:

c:\temp\code\github\raddebugger>build.bat
[debug mode]
[msvc compile]
[default mode, assuming `raddbg` build]
metagen_main.c
c:\temp\code\github\raddebugger\src\metagen\metagen_base\metagen_base_ins.h(48): fatal error C1189: #error:  the intrinsic set for this arch is not developed
'metagen.exe' is not recognized as an internal or external command,
operable program or batch file.
raddbg.cpp
c:\temp\code\github\raddebugger\src\base\base_ins.h(48): fatal error C1189: #error:  the intrinsic set for this arch is not developed

I tried to manually make that define and I get other errors. Curiously they're quite different for release vs debug.

c:\temp\code\github\raddebugger>build.bat raddbg release
[release mode]
[msvc compile]
metagen_main.c
c:\temp\code\github\raddebugger\src\metagen\metagen_os\core\win32\metagen_os_core_win32.c(1204): error C2440: 'function': cannot convert from 'DWORD (__cdecl *)(void *)' to 'LPTHREAD_START_ROUTINE'
c:\temp\code\github\raddebugger\src\metagen\metagen_os\core\win32\metagen_os_core_win32.c(1204): warning C4024: 'CreateThread': different types for formal and actual parameter 3
'metagen.exe' is not recognized as an internal or external command,
operable program or batch file.
raddbg.cpp
c:\temp\code\github\raddebugger\src\base\base_ins.h(48): fatal error C1189: #error:  the intrinsic set for this arch is not developed

c:\temp\code\github\raddebugger>build.bat raddbg
[debug mode]
[msvc compile]
metagen_main.c
c:\temp\code\github\raddebugger\src\metagen\metagen_os\core\win32\metagen_os_core_win32.c(1204): error C2440: 'function': cannot convert from 'DWORD (__cdecl *)(void *)' to 'LPTHREAD_START_ROUTINE'
c:\temp\code\github\raddebugger\src\metagen\metagen_os\core\win32\metagen_os_core_win32.c(1204): warning C4024: 'CreateThread': different types for formal and actual parameter 3
'metagen.exe' is not recognized as an internal or external command,
operable program or batch file.
raddbg.cpp
c:\temp\code\github\raddebugger\src\base\base_bits.c(21): error C3861: '__popcnt64': identifier not found
c:\temp\code\github\raddebugger\src\base\base_bits.c(36): error C3861: '_BitScanForward64': identifier not found
c:\temp\code\github\raddebugger\src\base\base_bits.c(52): error C3861: '_BitScanReverse64': identifier not found
c:\temp\code\github\raddebugger\src\os\core\win32\os_core_win32.c(1205): error C2664: 'HANDLE CreateThread(LPSECURITY_ATTRIBUTES,SIZE_T,LPTHREAD_START_ROUTINE,LPVOID,DWORD,LPDWORD)': cannot convert argument 3 from 'DWORD (__cdecl *)(void *)' to 'LPTHREAD_START_ROUTINE'
c:\temp\code\github\raddebugger\src\os\core\win32\os_core_win32.c(1205): note: None of the functions with this name in scope match the target type
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\processthreadsapi.h(194): note: see declaration of 'CreateThread'
c:\temp\code\github\raddebugger\src\os\core\win32\os_core_win32.c(1205): note: while trying to match the argument list '(int, int, overloaded-function, W32_Entity *, int, DWORD *)'
c:\temp\code\github\raddebugger\src\os\gfx\win32\os_gfx_win32.c(571): error C2440: '=': cannot convert from 'LRESULT (__cdecl *)(HWND,UINT,WPARAM,LPARAM)' to 'WNDPROC'
c:\temp\code\github\raddebugger\src\os\gfx\win32\os_gfx_win32.c(571): note: This conversion requires a reinterpret_cast, a C-style cast or parenthesized function-style cast
c:\temp\code\github\raddebugger\src\os\gfx\win32\os_gfx_win32.c(883): error C2664: 'BOOL EnumDisplayMonitors(HDC,LPCRECT,MONITORENUMPROC,LPARAM)': cannot convert argument 3 from 'BOOL (__cdecl *)(HMONITOR,HDC,LPRECT,LPARAM)' to 'MONITORENUMPROC'
c:\temp\code\github\raddebugger\src\os\gfx\win32\os_gfx_win32.c(883): note: None of the functions with this name in scope match the target type
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winuser.h(13644): note: see declaration of 'EnumDisplayMonitors'
c:\temp\code\github\raddebugger\src\os\gfx\win32\os_gfx_win32.c(883): note: while trying to match the argument list '(int, int, overloaded-function, LPARAM)'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1808): error C2039: 'Rax': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1809): error C2039: 'Rcx': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1810): error C2039: 'Rdx': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1811): error C2039: 'Rbx': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1812): error C2039: 'Rsp': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1813): error C2039: 'Rbp': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1814): error C2039: 'Rsi': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1815): error C2039: 'Rdi': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1816): error C2039: 'R8': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1817): error C2039: 'R9': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1818): error C2039: 'R10': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1819): error C2039: 'R11': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1820): error C2039: 'R12': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1821): error C2039: 'R13': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1822): error C2039: 'R14': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1823): error C2039: 'R15': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1824): error C2039: 'Rip': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1843): error C2039: 'FltSave': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1943): error C2039: 'MxCsr': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1945): error C2039: 'Rax': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1946): error C2039: 'Rcx': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1947): error C2039: 'Rdx': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1948): error C2039: 'Rbx': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1949): error C2039: 'Rsp': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1950): error C2039: 'Rbp': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1951): error C2039: 'Rsi': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1952): error C2039: 'Rdi': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1953): error C2039: 'R8': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1954): error C2039: 'R9': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1955): error C2039: 'R10': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1956): error C2039: 'R11': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1957): error C2039: 'R12': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1958): error C2039: 'R13': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1959): error C2039: 'R14': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1960): error C2039: 'R15': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1961): error C2039: 'Rip': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'
c:\temp\code\github\raddebugger\src\demon\win32\demon_os_win32.c(1977): error C2039: 'FltSave': is not a member of '_CONTEXT'
C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\um\winnt.h(8236): note: see declaration of '_CONTEXT'

c:\temp\code\github\raddebugger>

I'm building from a AMD Ryzen 9 7950X3D 16-Core Processor.

forrestthewoods avatar Jan 13 '24 19:01 forrestthewoods

Are you possibly building in 32-bit mode? You should be using the x64 Native Tools Command Prompt for VS 2022, and not the x86 one.

ryanfleury avatar Jan 13 '24 19:01 ryanfleury

Ran into this issue yesterday. It doesn't build with the "Developer Command prompt" since it calls VsDecCmd.bat instead of vcvars64.bat which native tools does

aemsle avatar Jan 13 '24 20:01 aemsle

x64 Native Tools Command Prompt for VS 2022

Doh. That would do it. Used x64 Native Tools Command Prompt for VS 2022 and it builds/runs fine.

I'll let y'all decide if you want to close this issue or keep it open for tracking purposes. Thanks!

forrestthewoods avatar Jan 13 '24 20:01 forrestthewoods

I'll keep it open for now as a reminder to work out the code signing stuff eventually!

ryanfleury avatar Jan 13 '24 20:01 ryanfleury

I just had windows 10 default anti virus flag the debugger. image

Scr3amer avatar Jan 13 '24 20:01 Scr3amer

+1 yes, bit difficult to use (without having to adjust settings or building from sources..) (win10) image

unitycoder avatar Jan 14 '24 19:01 unitycoder

We'll sign the exe eventually to fix this.

jeffrbig2 avatar Jan 15 '24 20:01 jeffrbig2