Tags · frida/frida-gum

17.9.7

stalker-x86: Skip AVX2 ymm save on Win7 WoW64

On Windows 7 (NT 6.1) in a 32-bit (WoW64) process, the AVX2
ymm save/restore (vextracti128/vinserti128) emitted into
Stalker's prolog/epilog from a JIT RWX page corrupts wow64cpu
state. TEB64 fields get zeroed (NtTib.Self at +0x30, PEB at
+0x60, Win32ThreadInfo at +0x78, TlsSlots[0] /
WOW64_TLS_STACKPTR64 at +0x1480), so the next wow64 syscall
faults inside wow64cpu!CpupReturnFromSimulatedCode reading
`mov rsp, [r12+0x1480]` as zero.

Wow64cpu-specific to NT 6.1: Win7 32-bit native, Win10/11
WoW64, and 64-bit processes are unaffected. fxsave already
preserves the lower 128 bits of YMM, and the Windows x86 ABI
does not preserve YMM upper halves across calls, so omitting
the save is safe (I think).

May 8, 2026
a6d2a1f
zip
tar.gz

17.9.6

interceptor: Fix shared deflector on arm64e

The dispatcher thunk pointer wasn't signed.

May 2, 2026
8d617ec
zip
tar.gz

17.9.5

interceptor: Fix shared deflector on arm64e

The dispatcher thunk pointer wasn't signed.

May 2, 2026
8d617ec
zip
tar.gz

17.9.4

interceptor: Fix shared deflector on arm64e

The dispatcher thunk pointer wasn't signed.

May 2, 2026
8d617ec
zip
tar.gz

17.9.3

subprojects: Bump outdated

Apr 28, 2026
0760629
zip
tar.gz

17.9.2

submodules: Bump releng

Apr 26, 2026
7f71906
zip
tar.gz

17.9.1

Add tool to package devkits as XCFrameworks (#1101)

Mar 26, 2026
8bf4e03
zip
tar.gz

17.9.0

Add tool to package devkits as XCFrameworks (#1101)

Mar 26, 2026
8bf4e03
zip
tar.gz

17.8.3

ci: Bump Android NDK to r29

Mar 13, 2026
9dbc0f5
zip
tar.gz

17.8.2

ci: Bump Android NDK to r29

Mar 13, 2026
9dbc0f5
zip
tar.gz

PreviousNext

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

17.9.7

17.9.6

17.9.5

17.9.4

17.9.3

17.9.2

17.9.1

17.9.0

17.8.3

17.8.2

Uh oh!

Tags: frida/frida-gum