DynamoRIO · ivankyluk · Dec 3, 2025 · Dec 3, 2025 · Dec 3, 2025 · Dec 4, 2025
diff --git a/clients/drcachesim/tests/offline-drsyscall-record-test.templatex b/clients/drcachesim/tests/offline-drsyscall-record-test.templatex
@@ -0,0 +1,29 @@
+#define FILE_NO 0x2
+#define SIZE 0x1f4c
+#if defined(X86) && defined(X64)
+#    define ADDRESS 0x402000
+#    define CONTENT_ADDRESS 0x0000000000402000
+#    define SYSCALL_WRITE 1
+#    define SYSCALL_EXIT_GROUP 231
+#elif defined(AARCH64)
+#    define ADDRESS 0x411000
+#    define CONTENT_ADDRESS 0x0000000000411000
+#    define SYSCALL_WRITE 64
+#    define SYSCALL_EXIT_GROUP 94
+#else
+#    error Unsupported architecture
+#endif
+.*
+syscall: SYSCALL_WRITE, timestamp: [0-9]+
+pre-syscall ordinal 0, value FILE_NO
+pre-syscall ordinal 1, value ADDRESS
+pre-syscall ordinal 2, value SIZE
+memory content address CONTENT_ADDRESS, size SIZE
+(\n|.)*30303030 30303030 3030300a( )
+post-syscall ordinal 0, value FILE_NO
+post-syscall ordinal 1, value ADDRESS
+post-syscall ordinal 2, value SIZE
+return value SIZE
+syscall end: SYSCALL_WRITE, timestamp: [0-9]+
+syscall: SYSCALL_EXIT_GROUP, timestamp: [0-9]+
+pre-syscall ordinal 0, value 0x0
diff --git a/ext/drreg/drreg.c b/ext/drreg/drreg.c
@@ -408,7 +408,7 @@ drreg_event_bb_analysis(void *drcontext, void *tag, instrlist_t *bb, bool for_tr
         if (xfer)
             aflags_cur = EFLAGS_READ_ARITH; /* assume flags are read before written */
         else {
-            uint aflags_read, aflags_w2r;
+            ptr_uint_t aflags_read, aflags_w2r;
             if (index == 0)
                 aflags_cur = EFLAGS_READ_ARITH; /* assume flags are read before written */
             else {

diff --git a/ext/drsyscall/drsyscall_record_lib.c b/ext/drsyscall/drsyscall_record_lib.c
@@ -91,6 +91,9 @@ drsyscall_iterate_records(drsyscall_record_read_t read_func,
                 }
                 offset += sizeof(syscall_record_t);
                 remaining -= sizeof(syscall_record_t);
+                if (remaining == 0 && offset == MAX_BUFFER_SIZE) {
+                    offset = 0;
+                }
                 break;
             case DRSYS_MEMORY_CONTENT: {
                 const size_t content_size = record->content.size;

diff --git a/suite/tests/CMakeLists.txt b/suite/tests/CMakeLists.txt
@@ -5477,6 +5477,21 @@ if (BUILD_CLIENTS)
     string(CONCAT tool.drcacheoff.collect-syscall-records_postcmd2
       "${PROJECT_BINARY_DIR}/${INSTALL_BIN}/drsyscall_record_viewer@"
       "${dir_prefix}.*.dir/raw/syscall_record_file.*")
+
+    if (X86)
+      add_exe(write_block_asm common/write_block_x86_64.asm)
+    else ()
+      add_exe(write_block_asm common/write_block_aarch64.asm)
+    endif ()
+    set_target_properties(write_block_asm PROPERTIES LINKER_LANGUAGE C)
+    append_link_flags(write_block_asm "-nostartfiles -nodefaultlibs -static")
+
+    torunonly_drcacheoff(drsyscall-record-test write_block_asm "-collect_syscall_records"
+            "@-tool@syscall_mix" "")
+    unset(tool.drcacheoff.drsyscall-record-test_rawtemp) # use preprocessor
+    string(CONCAT tool.drcacheoff.drsyscall-record-test_postcmd2
+      "${PROJECT_BINARY_DIR}/${INSTALL_BIN}/drsyscall_record_viewer@"
+      "${dir_prefix}.*.dir/raw/syscall_record_file.*")
   endif ()
 
   ###########################################################################

diff --git a/suite/tests/common/write_block_aarch64.asm b/suite/tests/common/write_block_aarch64.asm
@@ -0,0 +1,61 @@
+/* **********************************************************
+ * Copyright (c) 2025 Google, Inc.  All rights reserved.
+ * **********************************************************/
+
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ *   this list of conditions and the following disclaimer in the documentation
+ *   and/or other materials provided with the distribution.
+ *
+ * * Neither the name of Google, Inc. nor the names of its contributors may be
+ *   used to endorse or promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL VMWARE, INC. OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ * DAMAGE.
+ */
+
+/*
+ * This test is designed to test the boundary condition when a syscall record ends exactly
+ * at the end of the buffer for drsyscall_iterate_records. The current buffer size for
+ * drsyscall_iterate_records is 8192. A write syscall has ten sycall recrods: one
+ * DRSYS_SYSCALL_NUMBER_TIMESTAMP record, three DRSYS_PRECALL_PARAM records, one
+ * DRSYS_MEMORY_CONTENT record, three DRSYS_POSTCALL_PARAM records, one DRSYS_RETURN_VALUE
+ * record, and one DRSYS_RECORD_END_TIMESTAMP record. Each record has 18 bytes. To align
+ * the end of the DRSYS_RECORD_END_TIMESTAMP at the end of the drsyscall_iterate_records
+ * buffer, we call write with size 8192 - 10 * 18 = 8012 bytes.
+ */
+/* This is a statically-linked app. */
+        .global  _start
+
+        .align   6
+_start:
+        mov      w0, #2            // stderr
+        adr      x1, block
+        mov      w2, #8012         // sizeof(block)
+        mov      w8, #64           // SYS_write
+        svc      #0
+        mov      w0, #0            // status
+        mov      w8, #94           // SYS_exit_group
+        svc      #0
+
+        .data
+        .align   6
+block:
+        .fill   8011, 1, 0x30     // Create 8011 '0' characters
+        .string "\n"
diff --git a/suite/tests/common/write_block_x86_64.asm b/suite/tests/common/write_block_x86_64.asm
@@ -0,0 +1,64 @@
+ /* **********************************************************
+ * Copyright (c) 2025 Google, Inc.  All rights reserved.
+ * **********************************************************/
+
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ *   this list of conditions and the following disclaimer in the documentation
+ *   and/or other materials provided with the distribution.
+ *
+ * * Neither the name of Google, Inc. nor the names of its contributors may be
+ *   used to endorse or promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL VMWARE, INC. OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ * DAMAGE.
+ */
+
+/*
+ * This test is designed to test the boundary condition when a syscall record ends exactly
+ * at the end of the buffer for drsyscall_iterate_records. The current buffer size for
+ * drsyscall_iterate_records is 8192. A write syscall has ten sycall recrods: one
+ * DRSYS_SYSCALL_NUMBER_TIMESTAMP record, three DRSYS_PRECALL_PARAM records, one
+ * DRSYS_MEMORY_CONTENT record, three DRSYS_POSTCALL_PARAM records, one DRSYS_RETURN_VALUE
+ * record, and one DRSYS_RECORD_END_TIMESTAMP record. Each record has 18 bytes. To align
+ * the end of the DRSYS_RECORD_END_TIMESTAMP at the end of the drsyscall_iterate_records
+ * buffer, we call write with size 8192 - 10 * 18 = 8012 bytes.
+ */
+/* This is a statically-linked app. */
+.text
+.globl _start
+.type _start, @function
+
+        .align   8
+_start:
+        and      rsp, -16         // align stack pointer to cache line
+        mov      rdi, 2           // stderr
+        lea      rsi, block
+        mov      rdx, 8012        // sizeof(block)
+        mov      eax, 1           // SYS_write
+        syscall
+        mov      rdi, 0           // exit code
+        mov      eax, 231         // SYS_exit_group
+        syscall
+
+        .data
+        .align   8
+block:
+        .fill   8011, 1, 0x30     // Create 8011 '0' characters
+        .string "\n"