Groups keyboard shortcuts have been updated
Dismiss
See shortcuts

How can I build a custom tool successfully on windows?

31 views
Skip to first unread message

Toofy

unread,
Sep 25, 2024, 6:02:40 PM9/25/24
to DynamoRIO Users

Hi there,

I’ve been struggling with this for the past couple of days, and I’m reaching out here as a last resort. I hope I’m just missing something simple.

Context:
I’m running Windows 10 (build 19045.4894). The precompiled DynamoRIO samples run fine for me, but I’m having trouble compiling my own tools.

For example, when I run the precompiled bbsize.dll sample:

.\drrun.exe -c "C:\Program Files\DynamoRIO\samples\bin64\bbsize.dll" -- notepad

I get the expected output:

Client bbsize is running

So far, so good. Since this worked, I thought I’d try copying the entire bbsize.c source code to start writing my own tool. Here’s where the trouble begins.

What I’ve Tried:

Compiling with CMake (Visual Studio 2022):
I followed the official instructions for building DynamoRIO clients using CMake with Visual Studio 2022.
It compiles successfully, and I get a bbsize.dll, but when I try to run it:
  • .\drrun.exe -verbose -c "C:\Users\toofy-windoze\source\repos\DynamoRIO_Client\bbsize.dll" -- notepad
Notepad either doesn’t launch or launches and immediately exits. No instrumentation output, no errors, and no indication that the client is running. Judging from other experiments later, this seems to be related to the address of the dll not being fixed, although I'm not really sure about this.

Switching to 32-bit Compilation:

I then tried compiling for 32-bit. This allowed Notepad to launch, but none of the DynamoRIO API (drapi) code executed. No instrumentation, no output related to bbsize.dll.

Switching to Visual Studio 2019 and Compiling with cl:
I read that using Visual Studio 2019 could help, so I tried that. Instead of CMake, I switched to directly compiling with the MSVC cl command.

Here’s the cl command I used (Note I had to hard link to an older version of windows SDK to get around some random bug):
  1. cl /I"C:\Program Files (x86)\Windows Kits\10\Include\10.0.17763.0\ucrt" /I"C:\Program Files (x86)\Windows Kits\10\Include\10.0.17763.0\shared" /I"C:\Program Files (x86)\Windows Kits\10\Include\10.0.17763.0\um" /I"C:\Program Files (x86)\Windows Kits\10\Include\10.0.17763.0\winrt" /I"C:\Program Files\DynamoRIO\include" /I"C:\Program Files\DynamoRIO\ext\include" /DWINDOWS /DX86_64 /GS- bbsize.c /MT /link /libpath:"C:\Program Files (x86)\Windows Kits\10\Lib\10.0.17763.0\ucrt\x64" /libpath:"C:\Program Files (x86)\Windows Kits\10\Lib\10.0.17763.0\um\x64" /libpath:"C:\Program Files\DynamoRIO\lib64\release" /libpath:"C:\Program Files\DynamoRIO\ext\lib64\release" dynamorio.lib drmgr.lib drx.lib /dll /out:bbsize.dll /base:0x72000000 /opt:ref /opt:icf /dynamicbase:no
This compiles successfully, but I still have the same behavior with drrun. Notepad launches, but none of the actual code in the DLL executes. There’s no indication that any instrumentation is happening.

Can someone please help me understand what I might be doing wrong? I’m running out of ideas and would greatly appreciate any guidance!

Toofy

unread,
Sep 26, 2024, 8:21:32 PM9/26/24
to DynamoRIO Users
I think I might know what the issue is.

I gave up on dynamoRIO and tried intel pin. I had the exact same behaviour, except pin actually logs the reason why:
Pin: pin-3.31-98869-fa6f126a8
Copyright 2002-2024 Intel Corporation.
E:  could not find main() function in the tool

So, for me, the solution was as simple as
set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} /EXPORT:main")

Haven't tried that in dynamorio yet, but for whoever stumbles across this in the future with the same issue, give it a go.

Derek Bruening

unread,
Sep 27, 2024, 10:37:03 AM9/27/24
to Toofy, DynamoRIO Users
Please see https://dynamorio.org/page_debugging.html which says that the first step should always be to use debug build which has many more checks and messages.  Also see https://dynamorio.org/page_logging.html and use log files in debug build to get information on what is happening.

As for the missing "main": that is specific to Pin and is not relevant to a DR client which uses dr_client_main.

--
You received this message because you are subscribed to the Google Groups "DynamoRIO Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dynamorio-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dynamorio-users/2bdd7806-d60e-42d5-96f9-d9537c960d70n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages