https://redmine.openinfosecfoundation.org/https://redmine.openinfosecfoundation.org/favicon.ico?17011170022019-08-20T05:35:23ZOpen Information Security FoundationSuricata - Bug #3118: asan leaks with 5.0.0-dev (9e126b210 2019-08-07)https://redmine.openinfosecfoundation.org/issues/3118?journal_id=132882019-08-20T05:35:23ZVictor Julienvictor@inliniac.net
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Assigned</i></li><li><strong>Assignee</strong> set to <i>Jeff Lucovsky</i></li><li><strong>Target version</strong> set to <i>70</i></li></ul><p>Peter can you make sure Jeff has access to the pcap?</p> Suricata - Bug #3118: asan leaks with 5.0.0-dev (9e126b210 2019-08-07)https://redmine.openinfosecfoundation.org/issues/3118?journal_id=133182019-08-21T11:11:11ZPeter Manevpetermanev@gmail.com
<ul></ul><p>I've been trying to carve a pcap out of the original pcap (140GB) that I was able to generate this issue with. So far have been unsuccessful , for starters I tried to carve out just "ftp" traffic, the resulting pcap was much smaller but could not reproduce the issue. Will keep trying and update the issue here.</p> Suricata - Bug #3118: asan leaks with 5.0.0-dev (9e126b210 2019-08-07)https://redmine.openinfosecfoundation.org/issues/3118?journal_id=136622019-09-21T16:27:01ZJeff Lucovsky
<ul></ul><p>If this issue is reproducible, then I suggest we try patching the following function -- adding an assert</p>
<pre>
int StorageSetById(Storage *storage, const StorageEnum type, const int id, void *ptr)
{
#ifdef DEBUG
BUG_ON(!storage_registraton_closed);
#endif
SCLogDebug("storage %p id %d", storage, id);
if (storage == NULL)
return -1;
assert(storage[id] == NULL); // If not null, memory leak
storage[id] = ptr;
return 0;
}
</pre> Suricata - Bug #3118: asan leaks with 5.0.0-dev (9e126b210 2019-08-07)https://redmine.openinfosecfoundation.org/issues/3118?journal_id=136752019-09-22T12:47:06ZJeff Lucovsky
<ul><li><strong>Related to</strong> <i><a class="issue tracker-1 status-6 priority-4 priority-default closed" href="/issues/2458">Bug #2458</a>: memleak: gitmaster - 4.1.0-dev (rev c60decd)</i> added</li></ul> Suricata - Bug #3118: asan leaks with 5.0.0-dev (9e126b210 2019-08-07)https://redmine.openinfosecfoundation.org/issues/3118?journal_id=136922019-09-23T13:22:56ZPeter Manevpetermanev@gmail.com
<ul></ul><p>I can rerun it and will report back.</p> Suricata - Bug #3118: asan leaks with 5.0.0-dev (9e126b210 2019-08-07)https://redmine.openinfosecfoundation.org/issues/3118?journal_id=137162019-09-23T22:52:24ZJeff Lucovsky
<ul></ul><p>Great ... this is to test a hunch. This was a place where it looked like there could be a memory leak related to the expectation handling.</p> Suricata - Bug #3118: asan leaks with 5.0.0-dev (9e126b210 2019-08-07)https://redmine.openinfosecfoundation.org/issues/3118?journal_id=146582019-11-12T07:56:28ZPeter Manevpetermanev@gmail.com
<ul></ul><p>I dont see this any more on any runs that i tried.</p> Suricata - Bug #3118: asan leaks with 5.0.0-dev (9e126b210 2019-08-07)https://redmine.openinfosecfoundation.org/issues/3118?journal_id=146592019-11-12T08:45:24ZVictor Julienvictor@inliniac.net
<ul><li><strong>Status</strong> changed from <i>Assigned</i> to <i>Closed</i></li><li><strong>Assignee</strong> deleted (<del><i>Jeff Lucovsky</i></del>)</li><li><strong>Target version</strong> deleted (<del><i>70</i></del>)</li></ul>