
win7 x32 ERROR: unable to inject: exec of |(null)| failed

Open hxxt192 opened this issue 2 years ago • 8 comments

env: win7 sp1 x32

cmd:

    C:\dynamorio-release_9.0.1\build32>bin32\drrun.exe notepad.exe
    ERROR: unable to inject: exec of |(null)| failed

hxxt192 avatar Jun 02 '22 11:06 hxxt192

    C:\dynamorio-release_9.0.1\build32>bin32\drrun.exe -verbose -64 notepad.exe
    INFO: targeting application: "C:\Windows\system32\notepad.exe"
    INFO: app cmdline: "notepad.exe"
    INFO: configuration directory is "C:\Users\Administrator/dynamorio"
    INFO: created child with pid 3376 for C:\Windows\system32\notepad.exe
    ERROR: cannot find required file C:\dynamorio-release_9.0.1\build32/lib64\release\dynamorio.dll
    Use -root to specify a proper DynamoRIO root directory.

I copied lib32 to lib64 but got an error:

    C:\dynamorio-release_9.0.1\build32>bin32\drrun.exe -verbose -64 notepad.exe
    INFO: targeting application: "C:\Windows\system32\notepad.exe"
    INFO: app cmdline: "notepad.exe"
    INFO: configuration directory is "C:\Users\Administrator/dynamorio"
    INFO: created child with pid 1408 for C:\Windows\system32\notepad.exe
    ERROR: unable to inject: exec of |(null)| failed

hxxt192 avatar Jun 02 '22 11:06 hxxt192

Can you use the full path to the 32-bit version notepad.exe?

bete0 avatar Jun 02 '22 19:06 bete0

Is this a duplicate of #5384?

derekbruening avatar Jun 02 '22 19:06 derekbruening

Please provide more information. GitHub is not supposed to let you file a blank issue: it is supposed to give you this template https://github.com/DynamoRIO/dynamorio/issues/new?assignees=&labels=&template=bug_report.md&title=

Please provide the information requested in the template, especially the DR version: is this a custom build? And you only built the 32-bit DR? And you're trying to run the 64-bit notepad with the 32-bit DR with no 64-bit build of DR around? That would be expected to fail, right? I thought there were some error messages about bitwidth mismatches but maybe the path search bypasses them. If you'd like to look at the drdeploy.c sources and add better error messages and send a pull request that would be appreciated.

derekbruening avatar Jun 02 '22 20:06 derekbruening

Env: win7 x32

The DR version: dynamorio-release_9.0.1 (vs2019 build x32)

And you only built the 32-bit DR? YES

And you're trying to run the 64-bit notepad with the 32-bit DR with no 64-bit build of DR around? NO, I run 32-bit notepad, because my system is 32 bit

hxxt192 avatar Jun 03 '22 00:06 hxxt192

build step: Visual Studio 2019 > x86 Native Tools Command Prompt for VS 2019

    mkdir build32 && cd build32
    cmake -G"Visual Studio 16 2019" -A Win32 ..
    cmake --build . --config RelWithDebInfo

hxxt192 avatar Jun 03 '22 00:06 hxxt192

@derekbruening We currently have the same problem. Did a lot of tests in the last days and came to the following partly confusing results:

Environment / tested version

  • What version of DynamoRIO are you using? cronbuild-9.0.19202. First affected version is cronbuild-8.0.18632.
  • Does the latest build from https://github.com/DynamoRIO/dynamorio/releases solve the problem? No
  • What operating system version are you running on? Docker image mcr.microsoft.com/windows/servercore. [System.Environment]::OSVersion.Version reports 10.0.17763.0
  • Is your application 32-bit or 64-bit? Problem occurs for both.

Observations

  • The problem only occurs when the DynamoRIO zip is unpacked during building of the docker container! If the unpacking of the same zip file (in the same container) happens during the running of the container everything works.
  • Works when requesting late injection with -late, so the changes done in #4653 seem to be the problem.
  • Works when executing Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib64\release\dynamorio.dll before any call to drrun
    • This looks really strange to me. Did not yet find out what exactly changes when calling Get-FileHash on the file.

Executed commands

Injection fails:

    # Run included version
    ## 64 bit
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -- git --version ; $True
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -debug -loglevel 4 -- git --version ; $True
    ## 32 bit
    - C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -- dot -V ; $True
    - C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -debug -loglevel 4 -- dot -V ; $True
    # Get-FileHash
    - Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib64\debug\dynamorio.dll
    - Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib64\release\dynamorio.dll
    - Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib32\debug\dynamorio.dll
    - Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib32\release\dynamorio.dll
    # Run included version
    ## 64 bit
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -- git --version ; $True
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -debug -loglevel 4 -- git --version ; $True
    ## 32 bit
    - C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -- dot -V ; $True
    - C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -debug -loglevel 4 -- dot -V ; $True
    # Print version
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -version

Output:

$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -- git --version ; $True
INFO: targeting application: "C:\Program Files\Git\cmd\git.exe"
INFO: app cmdline:  "git" "--version"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 107972 for C:\Program Files\Git\cmd\git.exe
ERROR: unable to inject: exec of |(null)| failed
True
$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -debug -loglevel 4 -- git --version ; $True
INFO: targeting application: "C:\Program Files\Git\cmd\git.exe"
INFO: app cmdline:  "git" "--version"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 47776 for C:\Program Files\Git\cmd\git.exe
ERROR: unable to inject: exec of |(null)| failed
True
$ C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -- dot -V ; $True
INFO: targeting application: "C:\Program Files (x86)\Graphviz\bin\dot.exe"
INFO: app cmdline:  "dot" "-V"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 35884 for C:\Program Files (x86)\Graphviz\bin\dot.exe
ERROR: unable to inject: exec of |(null)| failed
True
$ C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -debug -loglevel 4 -- dot -V ; $True
INFO: targeting application: "C:\Program Files (x86)\Graphviz\bin\dot.exe"
INFO: app cmdline:  "dot" "-V"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 17552 for C:\Program Files (x86)\Graphviz\bin\dot.exe
ERROR: unable to inject: exec of |(null)| failed
True
$ Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib64\debug\dynamorio.dll
Algorithm       Hash                                                           
---------       ----                                                           
SHA256          AAE7C03393FB5389152A68994560E7A133E65882C24C352169D89673A0D6...
$ Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib64\release\dynamorio.dll
Algorithm       Hash                                                           
---------       ----                                                           
SHA256          2B152671041F71F3EA773DA9C3F609F8E7CB163D942217998E2CD42E26FE...
$ Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib32\debug\dynamorio.dll
Algorithm       Hash                                                           
---------       ----                                                           
SHA256          F306FA88BE6C8036CEB1E88C8AB79F2BA5246C9AB8D300FA446E28BFC327...
$ Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib32\release\dynamorio.dll
Algorithm       Hash                                                           
---------       ----                                                           
SHA256          2129BF23E5050A159EF5450062BAF0B91BCFC377C5897B5639F50DD640A3...
$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -- git --version ; $True
INFO: targeting application: "C:\Program Files\Git\cmd\git.exe"
INFO: app cmdline:  "git" "--version"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 24224 for C:\Program Files\Git\cmd\git.exe
ERROR: unable to inject: exec of |(null)| failed
True
$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -debug -loglevel 4 -- git --version ; $True
INFO: targeting application: "C:\Program Files\Git\cmd\git.exe"
INFO: app cmdline:  "git" "--version"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 60428 for C:\Program Files\Git\cmd\git.exe
ERROR: unable to inject: exec of |(null)| failed
True
$ C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -- dot -V ; $True
INFO: targeting application: "C:\Program Files (x86)\Graphviz\bin\dot.exe"
INFO: app cmdline:  "dot" "-V"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 14736 for C:\Program Files (x86)\Graphviz\bin\dot.exe
ERROR: unable to inject: exec of |(null)| failed
True
$ C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -debug -loglevel 4 -- dot -V ; $True
INFO: targeting application: "C:\Program Files (x86)\Graphviz\bin\dot.exe"
INFO: app cmdline:  "dot" "-V"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 53616 for C:\Program Files (x86)\Graphviz\bin\dot.exe
ERROR: unable to inject: exec of |(null)| failed
True
$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -version
drrun version 9.0.19202 -- build 0

Injection works when executing Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib64\release\dynamorio.dll before any call to drrun:

    # Get-FileHash
    - Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib64\debug\dynamorio.dll
    - Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib64\release\dynamorio.dll
    - Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib32\debug\dynamorio.dll
    - Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib32\release\dynamorio.dll
    # Run included version
    ## 64 bit
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -- git --version ; $True
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -debug -loglevel 4 -- git --version ; $True
    ## 32 bit
    - C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -- dot -V ; $True
    - C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -debug -loglevel 4 -- dot -V ; $True
    # Print version
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -version

Output:

$ Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib64\debug\dynamorio.dll
Algorithm       Hash                                                           
---------       ----                                                           
SHA256          AAE7C03393FB5389152A68994560E7A133E65882C24C352169D89673A0D6...
$ Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib64\release\dynamorio.dll
Algorithm       Hash                                                           
---------       ----                                                           
SHA256          2B152671041F71F3EA773DA9C3F609F8E7CB163D942217998E2CD42E26FE...
$ Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib32\debug\dynamorio.dll
Algorithm       Hash                                                           
---------       ----                                                           
SHA256          F306FA88BE6C8036CEB1E88C8AB79F2BA5246C9AB8D300FA446E28BFC327...
$ Get-FileHash C:\UserProgs\DynamoRIO-Windows\lib32\release\dynamorio.dll
Algorithm       Hash                                                           
---------       ----                                                           
SHA256          2129BF23E5050A159EF5450062BAF0B91BCFC377C5897B5639F50DD640A3...
$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -- git --version ; $True
INFO: targeting application: "C:\Program Files\Git\cmd\git.exe"
INFO: app cmdline:  "git" "--version"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 60920 for C:\Program Files\Git\cmd\git.exe
INFO: waiting forever for app to exit...
git version 2.35.1.windows.2
True
$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -debug -loglevel 4 -- git --version ; $True
INFO: targeting application: "C:\Program Files\Git\cmd\git.exe"
INFO: app cmdline:  "git" "--version"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 83832 for C:\Program Files\Git\cmd\git.exe
INFO: waiting forever for app to exit...
<log dir=C:\UserProgs\DynamoRIO-Windows\logs\git.exe.83832.00000000>
<Starting application C:\Program Files\Git\cmd\git.exe (83832)>
<Running on newer-than-this-build "Microsoft Windows 10-1809 x64">
<Early threads found>
<Initial options = -no_dynamic_options -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct >
<CURIOSITY : instr_get_opcode(instr_new) != instr_get_opcode(instr_old) in file D:\a\dynamorio\dynamorio\core\win32\callback.c line 2080
version 9.0.19202, custom build
-no_dynamic_options -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct 
C:\UserProgs\DynamoRIO-Windows/lib64\debug\dynamorio.dll=0x0000000015000000>
<CURIOSITY : instr_new == instrlist_first(ilist) || instr_new == instr_get_next(instrlist_first(ilist)) in file D:\a\dynamorio\dynamorio\core\win32\callback.c line 2083
version 9.0.19202, custom build
-no_dynamic_options -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct 
C:\UserProgs\DynamoRIO-Windows/lib64\debug\dynamorio.dll=0x0000000015000000>
<Cleaning hooked Nt wrapper @0x00007ffaba2630f0 sysnum=0x1b9>
<curiosity: rex.w on OPSZ_6_irex10_short4!>
<found a fork: pid 109060>
<log dir=C:\UserProgs\DynamoRIO-Windows\logs\git.exe.109060.00000000>
<Starting application C:\Program Files\Git\mingw64\bin\git.exe (109060)>
<Running on newer-than-this-build "Microsoft Windows 10-1809 x64">
<Early threads found>
<Initial options = -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct >
<CURIOSITY : instr_get_opcode(instr_new) != instr_get_opcode(instr_old) in file D:\a\dynamorio\dynamorio\core\win32\callback.c line 2080
version 9.0.19202, custom build
-loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct 
C:\UserProgs\DynamoRIO-Windows/lib64\debug\dynamorio.dll=0x0000000015000000>
<CURIOSITY : instr_new == instrlist_first(ilist) || instr_new == instr_get_next(instrlist_first(ilist)) in file D:\a\dynamorio\dynamorio\core\win32\callback.c line 2083
version 9.0.19202, custom build
-loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct 
C:\UserProgs\DynamoRIO-Windows/lib64\debug\dynamorio.dll=0x0000000015000000>
<Cleaning hooked Nt wrapper @0x00007ffaba2630f0 sysnum=0x1b9>
<curiosity: rex.w on OPSZ_6_irex10_short4!>
git version 2.35.1.windows.2
<Stopping application C:\Program Files\Git\mingw64\bin\git.exe (109060)>
<Failed to suspend attached-but-never-scheduled thread 66092>
<Failed to suspend attached-but-never-scheduled thread 123356>
<Failed to suspend attached-but-never-scheduled thread 18660>
<Stopping application C:\Program Files\Git\cmd\git.exe (83832)>
<Failed to suspend attached-but-never-scheduled thread 21800>
<Failed to suspend attached-but-never-scheduled thread 25800>
<Failed to suspend attached-but-never-scheduled thread 88240>
True
$ C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -- dot -V ; $True
INFO: targeting application: "C:\Program Files (x86)\Graphviz\bin\dot.exe"
INFO: app cmdline:  "dot" "-V"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 101568 for C:\Program Files (x86)\Graphviz\bin\dot.exe
INFO: waiting forever for app to exit...
dot - graphviz version 3.0.0 (20220226.1711)
True
$ C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -debug -loglevel 4 -- dot -V ; $True
INFO: targeting application: "C:\Program Files (x86)\Graphviz\bin\dot.exe"
INFO: app cmdline:  "dot" "-V"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 119888 for C:\Program Files (x86)\Graphviz\bin\dot.exe
INFO: waiting forever for app to exit...
<log dir=C:\UserProgs\DynamoRIO-Windows\logs\dot.exe.119888.00000000>
<Starting application C:\Program Files (x86)\Graphviz\bin\dot.exe (119888)>
<Running on newer-than-this-build "Microsoft Windows 10-1809 x64">
<Early threads found>
<Initial options = -no_dynamic_options -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct -no_aslr_dr >
<unknown mapfile Dos name>
<get_ldr_module_by_pc w/o holding LoaderLock>
dot - graphviz version 3.0.0 (20220226.1711)
<Stopping application C:\Program Files (x86)\Graphviz\bin\dot.exe (119888)>
True
$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -version
drrun version 9.0.19202 -- build 0

Using late injection:

    # Run included version (late injection)
    ## 64 bit
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -late -- git --version ; $True
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -late -debug -loglevel 4 -- git --version ; $True
    ## 32 bit
    - C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -late -- dot -V ; $True
    - C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -late -debug -loglevel 4 -- dot -V ; $True
    # The following normal injections still fail
    ## 64 bit
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -- git --version ; $True
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -debug -loglevel 4 -- git --version ; $True
    ## 32 bit
    - C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -- dot -V ; $True
    - C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -debug -loglevel 4 -- dot -V ; $True
    # Print version
    - C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -version

Output:

$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -late -- git --version ; $True
INFO: targeting application: "C:\Program Files\Git\cmd\git.exe"
INFO: app cmdline:  "git" "--version"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 58976 for C:\Program Files\Git\cmd\git.exe
INFO: waiting forever for app to exit...
git version 2.35.1.windows.2
True
$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -late -debug -loglevel 4 -- git --version ; $True
INFO: targeting application: "C:\Program Files\Git\cmd\git.exe"
INFO: app cmdline:  "git" "--version"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 42648 for C:\Program Files\Git\cmd\git.exe
INFO: waiting forever for app to exit...
<log dir=C:\UserProgs\DynamoRIO-Windows\logs\git.exe.42648.00000000>
<Starting application C:\Program Files\Git\cmd\git.exe (42648)>
<Running on newer-than-this-build "Microsoft Windows 10-1809 x64">
<Early threads found>
<Initial options = -no_dynamic_options -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_early_inject -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct >
<CURIOSITY : instr_get_opcode(instr_new) != instr_get_opcode(instr_old) in file D:\a\dynamorio\dynamorio\core\win32\callback.c line 2080
version 9.0.19202, custom build
-no_dynamic_options -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_early_inject -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct 
C:\UserProgs\DynamoRIO-Windows\lib64\debug\dynamorio.dll=0x0000000015000000>
<CURIOSITY : instr_new == instrlist_first(ilist) || instr_new == instr_get_next(instrlist_first(ilist)) in file D:\a\dynamorio\dynamorio\core\win32\callback.c line 2083
version 9.0.19202, custom build
-no_dynamic_options -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_early_inject -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct 
C:\UserProgs\DynamoRIO-Windows\lib64\debug\dynamorio.dll=0x0000000015000000>
<Cleaning hooked Nt wrapper @0x00007ffaba2630f0 sysnum=0x1b9>
<curiosity: rex.w on OPSZ_6_irex10_short4!>
<dynamo auto start>
<found a fork: pid 69312>
<log dir=C:\UserProgs\DynamoRIO-Windows\logs\git.exe.69312.00000000>
<Starting application C:\Program Files\Git\mingw64\bin\git.exe (69312)>
<Running on newer-than-this-build "Microsoft Windows 10-1809 x64">
<Early threads found>
<Initial options = -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_early_inject -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct >
<CURIOSITY : instr_get_opcode(instr_new) != instr_get_opcode(instr_old) in file D:\a\dynamorio\dynamorio\core\win32\callback.c line 2080
version 9.0.19202, custom build
-loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_early_inject -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct 
C:\UserProgs\DynamoRIO-Windows\lib64\debug\dynamorio.dll=0x0000000015000000>
<CURIOSITY : instr_new == instrlist_first(ilist) || instr_new == instr_get_next(instrlist_first(ilist)) in file D:\a\dynamorio\dynamorio\core\win32\callback.c line 2083
version 9.0.19202, custom build
-loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_early_inject -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct 
C:\UserProgs\DynamoRIO-Windows\lib64\debug\dynamorio.dll=0x0000000015000000>
<Cleaning hooked Nt wrapper @0x00007ffaba2630f0 sysnum=0x1b9>
<curiosity: rex.w on OPSZ_6_irex10_short4!>
<dynamo auto start>
git version 2.35.1.windows.2
<Stopping application C:\Program Files\Git\mingw64\bin\git.exe (69312)>
<Failed to suspend attached-but-never-scheduled thread 74336>
<Failed to suspend attached-but-never-scheduled thread 116784>
<Failed to suspend attached-but-never-scheduled thread 37836>
<Stopping application C:\Program Files\Git\cmd\git.exe (42648)>
<Failed to suspend attached-but-never-scheduled thread 84460>
<Failed to suspend attached-but-never-scheduled thread 56308>
<Failed to suspend attached-but-never-scheduled thread 69876>
True
$ C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -late -- dot -V ; $True
INFO: targeting application: "C:\Program Files (x86)\Graphviz\bin\dot.exe"
INFO: app cmdline:  "dot" "-V"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 114628 for C:\Program Files (x86)\Graphviz\bin\dot.exe
INFO: waiting forever for app to exit...
dot - graphviz version 3.0.0 (20220226.1711)
True
$ C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -late -debug -loglevel 4 -- dot -V ; $True
INFO: targeting application: "C:\Program Files (x86)\Graphviz\bin\dot.exe"
INFO: app cmdline:  "dot" "-V"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 42612 for C:\Program Files (x86)\Graphviz\bin\dot.exe
INFO: waiting forever for app to exit...
<log dir=C:\UserProgs\DynamoRIO-Windows\logs\dot.exe.42612.00000000>
<Starting application C:\Program Files (x86)\Graphviz\bin\dot.exe (42612)>
<Running on newer-than-this-build "Microsoft Windows 10-1809 x64">
<Early threads found>
<Initial options = -no_dynamic_options -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_early_inject -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct -no_aslr_dr >
<dynamo auto start>
<unknown mapfile Dos name>
<get_ldr_module_by_pc w/o holding LoaderLock>
dot - graphviz version 3.0.0 (20220226.1711)
<Stopping application C:\Program Files (x86)\Graphviz\bin\dot.exe (42612)>
True
$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -- git --version ; $True
INFO: targeting application: "C:\Program Files\Git\cmd\git.exe"
INFO: app cmdline:  "git" "--version"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 89548 for C:\Program Files\Git\cmd\git.exe
ERROR: unable to inject: exec of |(null)| failed
True
$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -verbose -debug -loglevel 4 -- git --version ; $True
INFO: targeting application: "C:\Program Files\Git\cmd\git.exe"
INFO: app cmdline:  "git" "--version"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 97504 for C:\Program Files\Git\cmd\git.exe
ERROR: unable to inject: exec of |(null)| failed
True
$ C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -- dot -V ; $True
INFO: targeting application: "C:\Program Files (x86)\Graphviz\bin\dot.exe"
INFO: app cmdline:  "dot" "-V"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 93768 for C:\Program Files (x86)\Graphviz\bin\dot.exe
ERROR: unable to inject: exec of |(null)| failed
True
$ C:\UserProgs\DynamoRIO-Windows\bin32\drrun.exe -verbose -debug -loglevel 4 -- dot -V ; $True
INFO: targeting application: "C:\Program Files (x86)\Graphviz\bin\dot.exe"
INFO: app cmdline:  "dot" "-V"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 46680 for C:\Program Files (x86)\Graphviz\bin\dot.exe
ERROR: unable to inject: exec of |(null)| failed
True
$ C:\UserProgs\DynamoRIO-Windows\bin64\drrun.exe -version
drrun version 9.0.19202 -- build 0

Download and unpack DynamoRIO during run:

    # Download and unpack during run instead of build
    - (New-Object System.Net.WebClient).DownloadFile("${BASE_URL}/DynamoRIO-Windows-${DYNAMORIO_VERSION}.zip", 'C:\temp\DynamoRIO-Windows.zip')
    - Expand-Archive C:\temp\DynamoRIO-Windows.zip C:\UserProgs
    - Move-Item "C:\UserProgs\DynamoRIO-Windows-${DYNAMORIO_VERSION}" C:\UserProgs\DynamoRIO-Windows-fresh
    # Run fresh unpacked version
    ## 64 bit
    - C:\UserProgs\DynamoRIO-Windows-fresh\bin64\drrun.exe -verbose -- git --version ; $True
    - C:\UserProgs\DynamoRIO-Windows-fresh\bin64\drrun.exe -verbose -debug -loglevel 4 -- git --version ; $True
    ## 32 bit
    - C:\UserProgs\DynamoRIO-Windows-fresh\bin32\drrun.exe -verbose -- dot -V ; $True
    - C:\UserProgs\DynamoRIO-Windows-fresh\bin32\drrun.exe -verbose -debug -loglevel 4 -- dot -V ; $True
    # Print version
    - C:\UserProgs\DynamoRIO-Windows-fresh\bin64\drrun.exe -version

Output:

$ (New-Object System.Net.WebClient).DownloadFile("${BASE_URL}/DynamoRIO-Windows-${DYNAMORIO_VERSION}.zip", 'C:\temp\DynamoRIO-Windows.zip')
$ Expand-Archive C:\temp\DynamoRIO-Windows.zip C:\UserProgs
$ Move-Item "C:\UserProgs\DynamoRIO-Windows-${DYNAMORIO_VERSION}" C:\UserProgs\DynamoRIO-Windows-fresh
$ C:\UserProgs\DynamoRIO-Windows-fresh\bin64\drrun.exe -verbose -- git --version ; $True
INFO: targeting application: "C:\Program Files\Git\cmd\git.exe"
INFO: app cmdline:  "git" "--version"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 112228 for C:\Program Files\Git\cmd\git.exe
INFO: waiting forever for app to exit...
git version 2.35.1.windows.2
True
$ C:\UserProgs\DynamoRIO-Windows-fresh\bin64\drrun.exe -verbose -debug -loglevel 4 -- git --version ; $True
INFO: targeting application: "C:\Program Files\Git\cmd\git.exe"
INFO: app cmdline:  "git" "--version"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 128364 for C:\Program Files\Git\cmd\git.exe
INFO: waiting forever for app to exit...
<log dir=C:\UserProgs\DynamoRIO-Windows-fresh\logs\git.exe.128364.00000000>
<Starting application C:\Program Files\Git\cmd\git.exe (128364)>
<Running on newer-than-this-build "Microsoft Windows 10-1809 x64">
<Early threads found>
<Initial options = -no_dynamic_options -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct >
<CURIOSITY : instr_get_opcode(instr_new) != instr_get_opcode(instr_old) in file D:\a\dynamorio\dynamorio\core\win32\callback.c line 2080
version 9.0.19202, custom build
-no_dynamic_options -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct 
C:\UserProgs\DynamoRIO-Windows-fresh/lib64\debug\dynamorio.dll=0x0000000015000000>
<CURIOSITY : instr_new == instrlist_first(ilist) || instr_new == instr_get_next(instrlist_first(ilist)) in file D:\a\dynamorio\dynamorio\core\win32\callback.c line 2083
version 9.0.19202, custom build
-no_dynamic_options -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct 
C:\UserProgs\DynamoRIO-Windows-fresh/lib64\debug\dynamorio.dll=0x0000000015000000>
<Cleaning hooked Nt wrapper @0x00007ffd5b8430f0 sysnum=0x1b9>
<curiosity: rex.w on OPSZ_6_irex10_short4!>
<found a fork: pid 4320>
<log dir=C:\UserProgs\DynamoRIO-Windows-fresh\logs\git.exe.4320.00000000>
<Starting application C:\Program Files\Git\mingw64\bin\git.exe (4320)>
<Running on newer-than-this-build "Microsoft Windows 10-1809 x64">
<Early threads found>
<Initial options = -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct >
<CURIOSITY : instr_get_opcode(instr_new) != instr_get_opcode(instr_old) in file D:\a\dynamorio\dynamorio\core\win32\callback.c line 2080
version 9.0.19202, custom build
-loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct 
C:\UserProgs\DynamoRIO-Windows-fresh/lib64\debug\dynamorio.dll=0x0000000015000000>
<CURIOSITY : instr_new == instrlist_first(ilist) || instr_new == instr_get_next(instrlist_first(ilist)) in file D:\a\dynamorio\dynamorio\core\win32\callback.c line 2083
version 9.0.19202, custom build
-loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct 
C:\UserProgs\DynamoRIO-Windows-fresh/lib64\debug\dynamorio.dll=0x0000000015000000>
<Cleaning hooked Nt wrapper @0x00007ffd5b8430f0 sysnum=0x1b9>
<curiosity: rex.w on OPSZ_6_irex10_short4!>
git version 2.35.1.windows.2
<Stopping application C:\Program Files\Git\mingw64\bin\git.exe (4320)>
<Failed to suspend attached-but-never-scheduled thread 28484>
<Failed to suspend attached-but-never-scheduled thread 26920>
<Failed to suspend attached-but-never-scheduled thread 118880>
<Stopping application C:\Program Files\Git\cmd\git.exe (128364)>
<Failed to suspend attached-but-never-scheduled thread 11388>
<Failed to suspend attached-but-never-scheduled thread 96712>
<Failed to suspend attached-but-never-scheduled thread 17644>
True
$ C:\UserProgs\DynamoRIO-Windows-fresh\bin32\drrun.exe -verbose -- dot -V ; $True
INFO: targeting application: "C:\Program Files (x86)\Graphviz\bin\dot.exe"
INFO: app cmdline:  "dot" "-V"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 41788 for C:\Program Files (x86)\Graphviz\bin\dot.exe
INFO: waiting forever for app to exit...
dot - graphviz version 3.0.0 (20220226.1711)
True
$ C:\UserProgs\DynamoRIO-Windows-fresh\bin32\drrun.exe -verbose -debug -loglevel 4 -- dot -V ; $True
INFO: targeting application: "C:\Program Files (x86)\Graphviz\bin\dot.exe"
INFO: app cmdline:  "dot" "-V"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 138676 for C:\Program Files (x86)\Graphviz\bin\dot.exe
INFO: waiting forever for app to exit...
<log dir=C:\UserProgs\DynamoRIO-Windows-fresh\logs\dot.exe.138676.00000000>
<Starting application C:\Program Files (x86)\Graphviz\bin\dot.exe (138676)>
<Running on newer-than-this-build "Microsoft Windows 10-1809 x64">
<Early threads found>
<Initial options = -no_dynamic_options -loglevel 4 -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct -no_aslr_dr >
<unknown mapfile Dos name>
<get_ldr_module_by_pc w/o holding LoaderLock>
dot - graphviz version 3.0.0 (20220226.1711)
<Stopping application C:\Program Files (x86)\Graphviz\bin\dot.exe (138676)>
True
$ C:\UserProgs\DynamoRIO-Windows-fresh\bin64\drrun.exe -version
drrun version 9.0.19202 -- build 0

lieser avatar Aug 04 '22 15:08 lieser

I can confirm strange Windows Container / Docker behavior on both ltsc2019 and ltsc2022 using my Dockerfile. However, calling Get-FileHash didn't fix it for me, but mounting DynamoRIO as a volume during docker run does.

Directly from container layer
INFO: default root: C:\app\DynamoRIO
INFO: default toolconfig dir: C:\app\DynamoRIO/tools
INFO: client 0 path: c:\app\build32\bin\Release\winafl.dll
INFO: targeting application: "C:\pwd\harness.exe"
INFO: app cmdline:  "C:\pwd\harness.exe" "C:\pwd\inputs\02.txt"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 9032 for C:\pwd\harness.exe
WARNING: c:\app\build32\bin\Release\winafl.dll does not exist
INFO: registering client with id=0 path=|c:\app\build32\bin\Release\winafl.dll| ops=|"-debug" "-target_module" "harness.exe" "-coverage_module" "C:\pwd\bma\bfc.dll" "-target_method" "fuzzme" "-fuzz_iterations" "1000" "-nargs" "2"|
INFO: waiting forever for app to exit...
<Application C:\pwd\harness.exe (9032). Unable to load client library: c:\app\build32\bin\Release\winafl.dll
        Cannot find library.>
<Application C:\pwd\harness.exe (9032). Unable to load client library: c:\app\build32\bin\Release\winafl.dll.
        Error opening instrumentation library c:\app\build32\bin\Release\winafl.dll:
        .>
Copied layer to volume
INFO: default root: C:\pwd\DynamoRIO
INFO: default toolconfig dir: C:\pwd\DynamoRIO/tools
INFO: client 0 path: C:\pwd\WinAFL\build32\bin\Release\winafl.dll
INFO: targeting application: "C:\pwd\harness.exe"
INFO: app cmdline:  "C:\pwd\harness.exe" "C:\pwd\inputs\02.txt"
INFO: configuration directory is "C:\Users\ContainerAdministrator/dynamorio"
INFO: created child with pid 9076 for C:\pwd\harness.exe
INFO: registering client with id=0 path=|C:\pwd\WinAFL\build32\bin\Release\winafl.dll| ops=|"-debug" "-target_module" "harness.exe" "-coverage_module" "C:\pwd\bma\bfc.dll" "-target_method" "fuzzme" "-fuzz_iterations" "1000" "-nargs" "2"|
INFO: waiting forever for app to exit...

stackcoder avatar Jan 26 '24 10:01 stackcoder
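An added example, not part of the thread and not DynamoRIO code: a small triage script for `drrun -verbose` output that tells apart the failure signatures quoted in this issue (client library reported missing, DynamoRIO library missing, failed injection). The sample logs are constructed from lines quoted above, and the function and label names are hypothetical.

```python
import re

# Constructed samples: lines copied from the `drrun -verbose` runs quoted in the thread.
LAYER_RUN = r"""INFO: client 0 path: c:\app\build32\bin\Release\winafl.dll
INFO: targeting application: "C:\pwd\harness.exe"
INFO: created child with pid 9032 for C:\pwd\harness.exe
WARNING: c:\app\build32\bin\Release\winafl.dll does not exist
<Application C:\pwd\harness.exe (9032). Unable to load client library: c:\app\build32\bin\Release\winafl.dll
        Cannot find library.>
"""
VOLUME_RUN = r"""INFO: client 0 path: C:\pwd\WinAFL\build32\bin\Release\winafl.dll
INFO: targeting application: "C:\pwd\harness.exe"
INFO: created child with pid 9076 for C:\pwd\harness.exe
INFO: waiting forever for app to exit...
"""

TARGET = re.compile(r'^INFO: targeting application: "(?P<path>.+)"$')
CHILD = re.compile(r"^INFO: created child with pid (?P<pid>\d+) for .+$")
CLIENT = re.compile(r"^INFO: client \d+ path: (?P<path>.+)$")
# Failure signatures seen in this issue; the labels on the left are hypothetical names.
FAILURES = [
    ("client_missing", re.compile(r"^WARNING: (?P<path>.+) does not exist$")),
    ("client_load_failed", re.compile(r"Unable to load client library: (?P<path>.+?)\.?$")),
    ("dr_lib_missing", re.compile(r"^ERROR: cannot find required file (?P<path>.+)$")),
    ("inject_failed", re.compile(r"^ERROR: unable to inject: exec of \|(?P<path>.*)\| failed$")),
]

def triage(log: str) -> dict:
    """Summarise one drrun -verbose run: target, child pid, clients, failures."""
    report = {"target": None, "pid": None, "clients": [], "findings": []}
    seen = set()
    for raw in log.splitlines():
        line = raw.strip()
        if m := TARGET.match(line):
            report["target"] = m["path"]
        elif m := CHILD.match(line):
            report["pid"] = int(m["pid"])
        elif m := CLIENT.match(line):
            report["clients"].append(m["path"])
        for kind, rx in FAILURES:
            m = rx.search(line)
            # Windows paths are case-insensitive, so de-duplicate on the lowered path.
            if m and (kind, m["path"].lower()) not in seen:
                seen.add((kind, m["path"].lower()))
                report["findings"].append((kind, m["path"]))
    return report

if __name__ == "__main__":
    for name, log in (("container layer", LAYER_RUN), ("volume", VOLUME_RUN)):
        print(name, triage(log))
```

A `client_missing` finding for a path that does exist on disk, as in the container-layer run, points at how the file is visible to the process rather than at the client build.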