process terminated, ghidra throw error about cwe_checker HOT 4 CLOSED

ERROR Abort due to Headless analyzer error: Java heap space: failed reallocation of scalar replaced objects (HeadlessAnalyzer) java.lang.OutOfMemoryError: Java heap space: failed reallocation of scalar replaced objects

from cwe_checker.

Can you open the affected binary directly in Ghidra? If not, then this would be an issue for the Ghidra repository.
If only the combination with the cwe_checker gets this error, then my next question would be how large the binary in question is. The cwe_checker is not yet designed to handle very large binaries and it might be possible that it just runs out of memory because of this.
If the binary is not that large this might also be a bug in the cwe_checker itself. To reproduce this I would need a sample binary if possible.

from cwe_checker.

binary is large(60-70M), cwe checker does not overflow ram and does not exhaust CPU on startup, only I / O is 100% used
most likely the file was too large, so cwe_checker failed

from cwe_checker.

Yes, 60MB are too large for the cwe_checker right now. Even if we would handle the memory problems somehow, we still would have huge runtime problems, since the algorithms are simply not fast enough for binaries that large. We would like to solve that eventually, but we have to make sure that the analysis is reliable and fast enough for smaller binaries before that.

Probably some internal RAM limits of either Ghidra or Docker prevented your whole RAM to overflow before the crash. If the disassembly step with Ghidra would have finished successfully (it did not according to the error message), I am pretty sure that the cwe_checker would have caused a RAM overflow after that anyway.

I am closing the issue for now. Unfortunately, since there is so much to do before we can tackle this problem, we will not be able to handle binaries that large anytime soon.

from cwe_checker.