Comments (4)
ERROR Abort due to Headless analyzer error: Java heap space: failed reallocation of scalar replaced objects (HeadlessAnalyzer) java.lang.OutOfMemoryError: Java heap space: failed reallocation of scalar replaced objects
from cwe_checker.
Can you open the affected binary directly in Ghidra? If not, then this would be an issue for the Ghidra repository.
If only the combination with the cwe_checker gets this error, then my next question would be how large the binary in question is. The cwe_checker is not yet designed to handle very large binaries and it might be possible that it just runs out of memory because of this.
If the binary is not that large this might also be a bug in the cwe_checker itself. To reproduce this I would need a sample binary if possible.
from cwe_checker.
binary is large(60-70M), cwe checker does not overflow ram and does not exhaust CPU on startup, only I / O is 100% used
most likely the file was too large, so cwe_checker failed
from cwe_checker.
Yes, 60MB are too large for the cwe_checker right now. Even if we would handle the memory problems somehow, we still would have huge runtime problems, since the algorithms are simply not fast enough for binaries that large. We would like to solve that eventually, but we have to make sure that the analysis is reliable and fast enough for smaller binaries before that.
Probably some internal RAM limits of either Ghidra or Docker prevented your whole RAM to overflow before the crash. If the disassembly step with Ghidra would have finished successfully (it did not according to the error message), I am pretty sure that the cwe_checker would have caused a RAM overflow after that anyway.
I am closing the issue for now. Unfortunately, since there is so much to do before we can tackle this problem, we will not be able to handle binaries that large anytime soon.
from cwe_checker.
Related Issues (20)
- cwe_checker docker -o option fails HOT 4
- What is CWE119 specifically and the difference with its variants HOT 7
- Infinity Loop Problem HOT 2
- Execution of Ghidra plugin failed HOT 8
- Project Normalization consumes too much RAM HOT 2
- Support for new P-Code operation in Ghidra 10.3 HOT 1
- Windows failed to compile HOT 1
- cwe_checker docker container hang on HOT 4
- New CWE support ? HOT 1
- Binary Ninja Plugin HOT 1
- Null Dereference not detected in C ? HOT 2
- Docker build is failed locally HOT 1
- Error: unknown variant `LZCOUNT`, expected one of `COPY`...... when running the test sample HOT 7
- Option to enable CWE78 scan HOT 4
- panic in graph.rs because unwrap() of None HOT 4
- Activate clippy for `test` target
- Explicitly use wrapping arithmetic operations when overflow may occur
- skip libc code for statically compiled binaries HOT 4
- panic in Result::unwrap() due to "InvalidShiftAmount" when analyzing STM32 Firmware HOT 3
- cwe_checher docker container use too much memory HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cwe_checker.