CERTCC
GUIHorn uses 55 GB of RAM
Describe the bug When analyzing a large binary, I have to make an absurdly large swap file (100 GB) or else it will run out of memory. The combined RAM + swap usage is 55 GB, which seems much higher then intended
To Reproduce Steps to reproduce the behavior:
- Use GUIHorn
- See error
Expected behavior It uses a reasonable amount of RAM
Desktop (please complete the following information):
- OS: Ubuntu
I need more details ... what is the definition of "large program"?
It's a ~20 MB firmware image with 430,939 symbols and 49,683 functions. I can send it if it helps (it's released here, but it uses an obscure compression scheme so I can decompress it for you). It just seems that even parsing a large program shouldn't use 50 GB of RAM, and the memory is not freed after the script finishes
It just seems that even parsing a large program shouldn't use 50 GB of RAM
What makes you say that GhiHorn is just "parsing" the large program? Are you running GhiHorn, or just opening the binary in Kaiju?
I don't think 50 GB of RAM is unreasonable at all to perform a symbolic analysis of a 20 MB executable.
and the memory is not freed after the script finishes
This sounds like a larger problem to me.
Can you please upload the decompressed image so we can take a look at it?
What makes you say that GhiHorn is just "parsing" the large program? Are you running GhiHorn, or just opening the binary in Kaiju?
I'm using GuiHorn
I don't think 50 GB of RAM is unreasonable at all to perform a symbolic analysis of a 20 MB executable.
Understood, I find this surprising but I guess that's intended
This sounds like a larger problem to me. Can you please upload the decompressed image so we can take a look at it?
Here is the decompressed image: https://github.com/Anonymous941/upload/raw/refs/heads/main/image2.out
If you want me to investigate further, I'd need to be able to reproduce your problem. So I'd need:
- Your ghidra project
- The entry point and destination address in GhiHorn
- Are you running headless?