h4b4n3r0
Thanks for the explanation with this example! That made the idea really clear. And regarding the `regs->rsp`, this is what I understood: On function entry the rsp points to the...
Now I have one remaining issue with this method. When using breakpoint_by_pid_searcher [this code](https://github.com/tklengyel/drakvuf/blob/f38258812f543d72ad197d4ad2af7e72ae9c4460/src/plugins/plugins_ex.h#L271) `.dtb = info->regs->cr3,` leads to the assumption that the drakvuf_trap_info_t* info has already a saved cr3...
I looked at your comment and yes indeed [if (trap->breakpoint.lookup_type == LOOKUP_DTB)](https://github.com/tklengyel/drakvuf/blob/master/src/libdrakvuf/drakvuf.c#L317) the pid_to_dtb is skipped. But even breakpoint_by_pid_searcher has the CR3/DTB pointer, it still uses [trap->breakpoint.lookup_type = LOOKUP_PID;](https://github.com/tklengyel/drakvuf/blob/f38258812f543d72ad197d4ad2af7e72ae9c4460/src/plugins/plugins_ex.h#L321) In...
@chivay I have no idea what triggers the page fault. How could I find this out? Or what information would you need to analyse it more?
I am just discussing with my supervisors if I can release my code (via pull request or somehow other), since it is part of my master's thesis. But what I...
Thanks for your advice.
I have the identical issue on Kali Linux.
I am not linked to this project in any way. However, I would personally prefer to use a proper backup tool like GoodSync, FreeFileSync or Syncthing.
Same for me
I can confirm this issue. It is still appearing.