microsoft / DTrace-on-Windows

Code for the cross platform, single source, OpenDTrace implementation

DTrace MSI installer fails with Error 1920. Service 'dtrace' failed to start #14

Closed sukesh-ak closed 3 years ago

sukesh-ak commented 3 years ago

Trying to run DTrace inside a Hyper-V hosted virtual machine running Windows 10 with the latest updates.

Following the guidance on this page https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/dtrace

  1. Virtual machine setup:
     Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true
  2. Enabled dtrace:
     bcdedit /set dtrace ON
  3. Registry key set:
     REG ADD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\ /v EnableVirtualizationBasedSecurity /t REG_DWORD /d 1
  4. Symbol path set:
     mkdir c:\symbols
     set _NT_SYMBOL_PATH=srv*C:\symbols*https://msdl.microsoft.com/download/symbols

Install of the MSI fails with the following error in msi logs.

StartServices: Service: dtrace
Error 1920. Service 'dtrace' (dtrace) failed to start.  Verify that you have sufficient privileges to start system services.
MSI (s) (CC:FC) [15:28:27:429]: Product: DTrace for Windows -- Error 1920. Service 'dtrace' (dtrace) failed to start.  Verify that you have sufficient privileges to start system services.

Error 1920. Service 'dtrace' (dtrace) failed to start.  Verify that you have sufficient privileges to start system services.
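
A read-only way to confirm the four setup steps above actually took effect in the guest before running the MSI. This is an added example, not part of the original post or the project's code; the function name `Test-DTracePrerequisite` is hypothetical, and the `bcdedit` output format it matches is an assumption.

```powershell
# Added example: read-only checks for the prerequisites listed in the issue.
# Run from an elevated PowerShell prompt inside the guest VM.

function Test-DTracePrerequisite {
    $results = [ordered]@{}

    # Step 2: 'bcdedit /set dtrace ON' should show up on the current boot entry.
    # Assumption: bcdedit prints the element as "dtrace   Yes" ("On" is accepted too).
    # Without elevation bcdedit returns an error and this check reports False.
    $bcd = & bcdedit.exe /enum '{current}' 2>$null
    $results['bcdedit dtrace on'] = [bool]($bcd -match '^\s*dtrace\s+(Yes|On)\s*$')

    # Step 3: the DeviceGuard registry value from the guide.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard'
    $vbs = (Get-ItemProperty -Path $key -Name EnableVirtualizationBasedSecurity `
                -ErrorAction SilentlyContinue).EnableVirtualizationBasedSecurity
    $results['VBS registry value is 1'] = ($vbs -eq 1)

    # Steps 1 and 3 together: VBS can only run in the guest if virtualization
    # extensions are exposed to it. Status 2 means VBS is running.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
              -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
    $results['VBS running'] = ($null -ne $dg -and $dg.VirtualizationBasedSecurityStatus -eq 2)

    # Step 4: 'set' in cmd.exe only affects that console session, so this
    # reports what the current process sees.
    $sym = [Environment]::GetEnvironmentVariable('_NT_SYMBOL_PATH')
    $results['_NT_SYMBOL_PATH set'] = -not [string]::IsNullOrWhiteSpace($sym)

    # The service the MSI tries to start (name taken from the MSI log above).
    $svc = Get-Service -Name dtrace -ErrorAction SilentlyContinue
    $results['dtrace service'] = if ($svc) { $svc.Status.ToString() } else { 'not installed' }

    [pscustomobject]$results
}

Test-DTracePrerequisite | Format-List
```
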

sukesh-ak commented 3 years ago

Found out I was using the old MSI. Got the new one and installed successfully. Link => https://www.microsoft.com/download/details.aspx?id=100441

travispaul commented 2 years ago

@sukesh-ak thanks for the tip.

The link in the README is still broken and causes this issue. I would open a PR, but the last PR activity was 8 months ago, and there hasn't been a recent release for things that have been merged from outside contributors (at least recently).

Wondering if this project has fallen out of use internally at MS and is abandoned?

sukesh-ak commented 2 years ago

> @sukesh-ak thanks for the tip.
>
> The link in the README is still broken and causes this issue. I would open a PR, but the last PR activity was 8 months ago, and there hasn't been a recent release for things that have been merged from outside contributors (at least recently).
>
> Wondering if this project has fallen out of use internally at MS and is abandoned?

OpenDTrace itself is canned, it looks like. I was interested to repro some malware samples with dtrace to see what I can find. But could not make it work in a VM 😐