Memory used internally by Botan not deallocated

Question

I have currently a memory issue using the Botan library (version 2.15) for cryptography functions within a C++ project. My development environment is Solus Linux 4.1 (kernel-current), but I could observe this issue on Debian Buster too.

I observed that some memory allocated internally by Botan for calculations is not deallocated when going out of scope. When I called Botan::HashFunction, Botan::StreamCipher and Botan::scrypt multiple times, always going out of scope in between, the memory footprint increases steadily.

For example, consider this code:

#include <iostream>
#include <vector>

#include "botan/scrypt.h"


void pause() {
    char ch;
    std::cout << "Insert any key to proceed... ";
    std::cin >> ch;
}


std::vector<uint8_t> get_scrypt_passhash(std::string const& password, std::string const& name) {

    std::vector<uint8_t> key (32);
    Botan::scrypt(key.data(), key.size(), password.c_str(), password.length(), salt.c_str(), salt.length(), 65536, 32, 1);

    std::cout << "From function: before closing.\n";
    pause();

    return key;
}


int main(int argc, char *argv[]) {

    std::cout << "Beginning test.\n";
    pause();

    auto pwhashed = get_scrypt_passhash(argv[1], argv[2]);

    std::cout << "Test ended.\n";
    pause();
}

I used the pause() function to observe the memory consumption (I called top/pmap and observed KSysGuard during the pause), when it is called from within get_scrypt_passhash before terminating, the used memory (both by top/pmap and KSysGuard) is about 2 MB more than at beginning, and after terminating the same.

I tried to dive into the Botan source code, but I cannot find memory leaks or the like. Valgrind also outputted that all allocated bytes have been freed, so no memory leaks were possible. Just for information, I tried the same functionality with Crypto++ without observing this behavior.

Has anyone experienced the same issue? Is there a way to fix it?

how do you observe memory consumption? Memory is not given back to the OS at the very moment `delete` is called btw — 463035818_is_not_an_ai, Oct 26 '20 at 10:08
Use something like Valgrind or MemorySanitizer to verify if they are actual leaks and if the tools point to Botan, when report the issue there. — Dan M., Oct 26 '20 at 10:10
@idclev463035818 When the function I call goes out of scope, I would expect any object created inside is destroyed and the memory freed. For example if I create a `std::vector` within a scope and push back 1 million items, I can see that 4 MB are allocated. When I go out of scope (the vector is local to the scope), I can see that these 4 MB are given back to the OS. I would expect a similar behavior in my case, as `scrypt` does some internal calculations and then stores the result in a small vector (e.g. 32 bytes). — Leitwolf, Oct 26 '20 at 10:18
"I can see that 4 MB ..." how do you observe the memory consumption? (I still have no idea what you are talking about) — 463035818_is_not_an_ai, Oct 26 '20 at 10:19
@idclev463035818 Both by calling top/pmap or using KSysGuard — Leitwolf, Oct 26 '20 at 11:13
please include that information in the question. When you say "used memory is 2 MB" then it isnt obvious what that actually means — 463035818_is_not_an_ai, Oct 26 '20 at 11:16
@DanM. Valgrind shows no memory leaks, it says 191 allocations, 191 frees and 268 MB allocated. This confirms what I thought about the Botan source code. — Leitwolf, Oct 26 '20 at 11:21
@idclev463035818 I edited my post with your hint, thanks for that. — Leitwolf, Oct 26 '20 at 11:28
@Leitwolf do you run out of memory if you call your function in a loop? If you don't, and the usage stops growing after some point, when everything is fine and there is no leak (just as Valgrind reported). There is a high chance that Botan does some heap allocation internally, which is not immediately given back to OS when freed for performance reasons. While you probably tested with the stack-allocated values which are handled more straight-forwardly. — Dan M., Oct 26 '20 at 11:45
@DanM. No, I don't run out of memory. I have a loop calling repeatedly `hash`, `scrypt`, encryption and decryption on files, and the memory usage (in the sense explained above) increases in some cases but not all. Only, it doesn't decrease even when the loop runs idle. I agree with you that Botan must be doing internally something, but according to Valgrind all allocated heap memory is also deallocated. I suspect it is something with static scope variables instead. — Leitwolf, Oct 27 '20 at 10:10
Anyway, it doesn't seem like there is any leak or other memory problem with the particular Botan call. Note that you also measure the memory usage of `key`, `password` and `name`, not that would make a significant difference. — Dan M., Oct 27 '20 at 10:38

Memory used internally by Botan not deallocated

0 Answers0