--
You received this message because you are subscribed to the Google Groups "DynamoRIO Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dynamorio-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dynamorio-users/bb163f89-b70c-4951-83c9-9031d1e4e30en%40googlegroups.com.
Thanks for the response!I amended my while(1) loop to simply loop 1000 times and then call dr_exit_process() while still in the drwrap pre-function callback hoping that this would cause the debug logs to report something, but I don't see anything related to memory leaks. I do see a handful of these messages, though: "SYSLOG_WARNING: many pending signals: asking for 2nd special unit" and "SYSLOG_WARNING: potentially unsafe: allocating a new fragile special heap unit!".
I can confirm that my fork() call leads to clone() with flags CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD - there no CLONE_VM flag, so I should be good there.Regarding Dr. Fuzz, it is something I definitely want to explore in the future but unfortunately my current use case might make it a little challenging.Finally, what you said about the callout's infinite loop causing hangs makes sense (and I do see that "many pending signals" SYSLOG message above), but I am not sure I understand what you are recommending. Are you suggesting I call dr_mark_safe_to_suspend() in the drwrap pre-func callback prior to starting the while(1) loop, and then use dr_redirect_execution() in the subsequent child processes to return? If yes, where do I obtain the mcontext to pass into dr_redirect_execution() - do I call dr_get_mcontext() at the start of the pre-func callback and store it there? dr_get_mcontext() documentation doesn't seem to indicate that I can do this, so I may be misunderstanding your recommendation here.
To view this discussion on the web visit https://groups.google.com/d/msgid/dynamorio-users/6bfa2d7f-4212-4640-b7f7-3f1e9e2e397dn%40googlegroups.com.
Thanks for all of your help so far. Apologies for all of the questions.I did what I described above, but I used drwrap_get_mcontext() to store the mcontext as you recommended. The parent process is now marked as safe to suspend within its infinite loop via dr_mark_safe_to_suspend() and the child processes are returning from the loop using dr_redirect_execution(). The fuzzer is somewhat slower, but continues to work.Unfortunately, the memory growth in the parent process is still present. My understanding is that the parent process is now safe for DR to suspend while in its infinite loop, so I imagine that DR should be doing so to address any signals that it has been buffering. Either my understanding is incorrect, or the issue is not related to signals, or maybe something unrelated to those two things entirely.
To view this discussion on the web visit https://groups.google.com/d/msgid/dynamorio-users/ca13f6bd-0d20-49be-b413-7a8392b04b46n%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dynamorio-users/0e5378f5-2767-4fc4-b20e-1ca4d3355e60n%40googlegroups.com.