Project

General

Profile

Actions

Bug #3632

closed

rules: memory leaks on failed rules

Added by Victor Julien almost 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 4.1, Needs backport to 5.0

Description

These are minor leaks, but due to the nature of the fuzzing they will cause OOM errors during fuzzing. In normal use this should be pretty much harmless unless you have large numbers of bad rules and reload continuesly.

==11== ERROR: libFuzzer: out-of-memory (used: 2562Mb; limit: 2560Mb)              
   To change the out-of-memory limit use -rss_limit_mb=<N>                          

Live Heap Allocations: 1806291148 bytes in 8328315 chunks; quarantined: 9143054 bytes in 6934 chunks; 41947 other chunks; total chunks: 8377196; showing top 95% (at most 8 unique contexts)
599068080 byte(s) (33%) in 832039 allocation(s)                                                                                                        
    #0 0x536742 in calloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3                                                                                  
    #1 0x8431dc in SigAlloc /src/suricata/src/detect-parse.c:1269:31                                                 
    #2 0x846c3e in SigInitHelper /src/suricata/src/detect-parse.c:1858:22                                                                                                                      
    #3 0x846843 in SigInit /src/suricata/src/detect-parse.c:2043:25                                                                                                  
    #4 0x847da3 in DetectEngineAppendSig /src/suricata/src/detect-parse.c:2318:22     
    #5 0x792eb4 in DetectLoadSigFile /src/suricata/src/detect-engine-loader.c:169:15 
    #6 0x78f3f2 in ProcessSigFiles /src/suricata/src/detect-engine-loader.c:252:13         
    #7 0x78ddf1 in SigLoadSignatures /src/suricata/src/detect-engine-loader.c:331:15                                                                   
    #8 0x7463fa in DetectEngineReload /src/suricata/src/detect-engine.c:4007:9                                                                                                
    #9 0x56919f in LLVMFuzzerTestOneInput /src/suricata/src/tests/fuzz/fuzz_sigpcap.c:131:9                          
    #10 0x46ea31 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15                                        
    #11 0x46e155 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #12 0x4704f7 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19
    #13 0x471285 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5
    #14 0x45f308 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #15 0x489132 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #16 0x7f22f982182f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)       

599068080 byte(s) (33%) in 832039 allocation(s)                                                                                                        
    #0 0x536742 in calloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x843220 in SigAlloc /src/suricata/src/detect-parse.c:1276:36
    #2 0x846c3e in SigInitHelper /src/suricata/src/detect-parse.c:1858:22
    #3 0x846843 in SigInit /src/suricata/src/detect-parse.c:2043:25
    #4 0x847da3 in DetectEngineAppendSig /src/suricata/src/detect-parse.c:2318:22
    #5 0x792eb4 in DetectLoadSigFile /src/suricata/src/detect-engine-loader.c:169:15
    #6 0x78f3f2 in ProcessSigFiles /src/suricata/src/detect-engine-loader.c:252:13
    #7 0x78ddf1 in SigLoadSignatures /src/suricata/src/detect-engine-loader.c:331:15
    #8 0x7463fa in DetectEngineReload /src/suricata/src/detect-engine.c:4007:9
    #9 0x56919f in LLVMFuzzerTestOneInput /src/suricata/src/tests/fuzz/fuzz_sigpcap.c:131:9
    #10 0x46ea31 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #11 0x46e155 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #12 0x4704f7 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19
    #13 0x471285 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5
    #14 0x45f308 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #15 0x489132 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #16 0x7f22f982182f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Related issues 2 (0 open2 closed)

Copied to Suricata - Bug #3646: rules: memory leaks on failed rulesClosedJeff LucovskyActions
Copied to Suricata - Bug #3647: rules: memory leaks on failed rulesClosedShivani BhardwajActions
Actions

Also available in: Atom PDF