Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1270363

Summary: usbredir/100MB/s memory leak redirecting a camera
Product: Red Hat Enterprise Linux 7 Reporter: Victor Toso <victortoso>
Component: spice-gtkAssignee: Default Assignee for SPICE Bugs <rh-spice-bugs>
Status: CLOSED ERRATA QA Contact: SPICE QE bug list <spice-qe-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.3CC: alexl, alon, berrange, cfergeau, dblechte, dgilbert, extras-qa, hdegoede, jforbes, marcandre.lureau, pgrunt, rbalakri, rduda, sandmann, tpelka, uril, victortoso
Target Milestone: rc   
Target Release: 7.3   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: spice-gtk-0.26-7.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1264156
: 1312913 (view as bug list) Environment:
Last Closed: 2016-11-04 01:11:21 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1264156, 1276707, 1290749    
Bug Blocks: 1201387, 1312913    

Description Victor Toso 2015-10-09 18:59:28 UTC 
+++ This bug was initially created as a clone of Bug #1264156 +++

Description of problem:
I'm seeing ~100MB/s memory leak in either virt-viewer or virt-manager when redirecting a usb-webcam.

Version-Release number of selected component (if applicable):
Client: virt-viewer or virt-manager on f22
spice-gtk-debuginfo-0.29-1.fc22.x86_64
spice-gtk-0.29-1.fc22.x86_64
spice-gtk3-0.29-1.fc22.x86_64
spice-protocol-0.12.7-2.fc21.noarch
spice-glib-devel-0.29-1.fc22.x86_64
spice-glib-0.29-1.fc22.x86_64
spice-server-devel-0.12.5-6.fc22.x86_64
spice-gtk-tools-0.29-1.fc22.x86_64
spice-debuginfo-0.12.5-5.fc22.x86_64
spice-vdagent-0.15.0-3.fc22.x86_64
spice-server-0.12.5-6.fc22.x86_64
usbredir-0.7-3.fc22.x86_64
virt-viewer-2.0-1.fc22.x86_64

guest: RHEL7.1
host: RHEL6
spice-server-0.12.4-12.el6_7.1.x86_64
spice-gtk-python-0.26-4.el6.x86_64
spice-glib-0.26-4.el6.x86_64
spice-gtk-0.26-4.el6.x86_64



How reproducible:
100%

Steps to Reproduce:
1. Start virt-viewer or virt-manager on your local machine
2. Connect to a remote host running the guest
3. Perform a usbredir via spice of a cheap webcam (0c45:62f0 is the USB model in my case) to a usb 2 card on the guest
4. Start 'cheese' in the guest

Actual results:
~ 100MB/s leak

Expected results:
No leak.

Additional info:
Snippet from a massif dump; full dump attached.

99.12% (3,872,899,472B) (heap allocation functions) malloc/new/new[], --alloc-fns, etc.
->74.13% (2,896,327,659B) 0x33B50647B7: spice_malloc (mem.c:93)
| ->71.82% (2,806,089,336B) 0x33B5063D6C: spice_marshaller_new (marshaller.c:121)
| | ->71.82% (2,806,089,336B) 0x33B501F0A7: spice_msg_out_new (spice-channel.c:632)
| |   ->71.82% (2,806,089,336B) 0x33B50345CD: usbredir_write_callback (channel-usbredir.c:539)
| |   | ->71.82% (2,806,089,336B) 0x3D32C033B1: usbredirparser_do_write (usbredirparser.c:1066)
| |   |   ->71.82% (2,806,089,336B) 0x33B5405324: usbredirhost_iso_packet_complete (usbredirhost.c:1490)
| |   |   | ->71.82% (2,806,089,336B) 0x33B80092B3: usbi_handle_transfer_completion (io.c:1597)
| |   |   |   ->71.82% (2,806,089,336B) 0x33B800EDE4: op_handle_events (linux_usbfs.c:2459)
| |   |   |     ->71.82% (2,806,089,336B) 0x33B8008F69: handle_events (io.c:2089)
| |   |   |       ->71.82% (2,806,089,336B) 0x33B8009BD1: libusb_handle_events_timeout_completed (io.c:2174)
| |   |   |         ->71.82% (2,806,089,336B) 0x33B8009CBD: libusb_handle_events (io.c:2250)
| |   |   |           ->71.82% (2,806,089,336B) 0x33B5037E5E: spice_usb_device_manager_usb_ev_thread (usb-device-manager.c:1165)
| |   |   |             ->71.82% (2,806,089,336B) 0x3D07A710A3: g_thread_proxy (gthread.c:764)
| |   |   |               ->71.82% (2,806,089,336B) 0x3D06207553: start_thread (pthread_create.c:333)
| |   |   |                 ->71.82% (2,806,089,336B) 0x3D05702B9B: clone (clone.S:109)
| |   |   |

--- Additional comment from Dr. David Alan Gilbert on 2015-09-17 12:16:04 EDT ---

Note: The connection between the host/client may be relevant:

host - somewhere in Boston
client - UK; on the end of a 50 down/3 MBps up cable link
with a VPN and the atlantic in between.

--- Additional comment from Victor Toso on 2015-09-18 10:33:41 EDT ---

Thanks for the report + massif!
I can reproduce this on slow connection. Working on it!

--- Additional comment from Victor Toso on 2015-10-09 14:58:17 EDT ---

Patch sent to the mailing list:

[0] http://lists.freedesktop.org/archives/spice-devel/2015-October/022271.html
Comment 2 Victor Toso 2015-10-29 11:10:52 UTC 
Patches were acked upstream [1] and [2]
Moving this to POST and devel_ack+
I'll update here with the hashes after they are pushed upstream.

[1] http://lists.freedesktop.org/archives/spice-devel/2015-October/022660.html
[2] http://lists.freedesktop.org/archives/spice-devel/2015-October/022661.html
Comment 3 Victor Toso 2015-10-30 14:56:51 UTC 
Patches pushed upstream

usbredir:
a88e197b18785d6de2322b5f26484c4130a6f2b9
e1a7e3dbbe091bfdc568372ff5ab18ed7eae972e

spice-gtk:
36c7db9a38cc5335727c2abbe7968112eb6667e0
Comment 7 errata-xmlrpc 2016-11-04 01:11:21 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2229.html