Bug 1890831

(In reply to John Wolfe from comment #0)

Hi John,

You marked this BZ severity as high. I need to understand why so we can justify replacing the planned 11.1.5 rebase with an 11.2.0 rebase. Also we use the packaging provided by Fedora and currently Fedora is at 11.1.5. Do you know when 11.2.0 will be added?

Thanks,

Cathy

Hi Cathy,

I suspect that I was just "copying" that entered in the OVT 11.1.5 rebase BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1806677

There is a memory leak fixed in 11.2.0 that will avoid performance issues on a VM with IDE or SAS disks.  This typically would not be a problem for Red Hat VMs since disk creation defaults to SCSI.
See change https://github.com/vmware/open-vm-tools/commit/25c2e97358 for details.

I can provide a patch for 11.1.5 if desired; the same change applies directly to the 11.1.5 source base.

Going forward I will leave the severity as "unspecified".

Ravindra does the Fedora open-vm-tools packaging; he can comment on an ETA.

(In reply to Cathy Avery from comment #2)
> You marked this BZ severity as high. I need to understand why so we can
> justify replacing the planned 11.1.5 rebase with an 11.2.0 rebase. Also we
> use the packaging provided by Fedora and currently Fedora is at 11.1.5. Do
> you know when 11.2.0 will be added?

Hi Cathy, what timeline you are looking for Fedora update if you were to include 11.2.0 in 8.4? I will target/prioritize that accordingly.

(In reply to John Wolfe from comment #3)

> There is a memory leak fixed in 11.2.0 that will avoid performance issues on
> a VM with IDE or SAS disks.  This typically would not be a problem for Red
> Hat VMs since disk creation defaults to SCSI.
> See change https://github.com/vmware/open-vm-tools/commit/25c2e97358 for
> details.
> 
> I can provide a patch for 11.1.5 if desired; the same change applies
> directly to the 11.1.5 source base.
> 
vSphere/ESXi uses pvscsi by defaut. However, I'm not sure about Workstation and Fusion products. Suggest checking these.

(In reply to John Savanyo from comment #6)
> (In reply to John Wolfe from comment #3)
> 
> > There is a memory leak fixed in 11.2.0 that will avoid performance issues on
> > a VM with IDE or SAS disks.  This typically would not be a problem for Red
> > Hat VMs since disk creation defaults to SCSI.
> > See change https://github.com/vmware/open-vm-tools/commit/25c2e97358 for
> > details.
> > 
> > I can provide a patch for 11.1.5 if desired; the same change applies
> > directly to the 11.1.5 source base.
> > 
> vSphere/ESXi uses pvscsi by defaut. However, I'm not sure about Workstation
> and Fusion products. Suggest checking these.

I did confirm this on WS 16.0.   The disk controller defaults to LSI Logic with the option to use LSI Logic SAS or paravirtualized SCSI controllers.

One is presented with the option to add IDE or SATA disk drives to the VM.

(In reply to Ravindra Kumar from comment #4)
> (In reply to Cathy Avery from comment #2)
> > You marked this BZ severity as high. I need to understand why so we can
> > justify replacing the planned 11.1.5 rebase with an 11.2.0 rebase. Also we
> > use the packaging provided by Fedora and currently Fedora is at 11.1.5. Do
> > you know when 11.2.0 will be added?
> 
> Hi Cathy, what timeline you are looking for Fedora update if you were to
> include 11.2.0 in 8.4? I will target/prioritize that accordingly.

Hi Ravinda,

can we expect some spec changes related to 11.2.0? I run just pure rebasing for RHEL and as stated in comment 5, it shouldn't have introduced any regression. This means we can probably go in without waiting for fedora rebase and backport anything missing later.

For us to get fedora rebase before current RHEL going it, fedora should be done before Nov 28th.

In case we are going with just backporting, before end of year (ideally before Dec 12th) is enough.

Miroslav, 11.2.0 update is straight-forward. I completed it for Fedora today:
- https://src.fedoraproject.org/rpms/open-vm-tools/c/2a196505f936a298c47ca3cf0442df0f3da9c359?branch=master

I've run coverity on Mirek's preliminary 11.2.0 repo. After applying the patch Jonathan gave me 

https://github.com/vmware/open-vm-tools/tree/devel, commit e18e67f727d0354b08a55b685178fd05f542c6da

and discarding the thus far known false positives we now have the list below of 3 defects to be addressed. 

I will be filing a BZ once the official rebase repo is ready. It looks like the last 2 are false positives. I did not check the first 2.

Thanks,

Cathy


Error: RESOURCE_LEAK (CWE-772):
open-vm-tools-11.2.0-16938113/lib/hgfsServer/hgfsServer.c:5938: alloc_fn: Storage is returned from allocation function "UtilSafeCalloc0".
open-vm-tools-11.2.0-16938113/lib/hgfsServer/hgfsServer.c:5938: var_assign: Assigning: "entry" = storage returned from "UtilSafeCalloc0(1UL, 16UL)".
open-vm-tools-11.2.0-16938113/lib/hgfsServer/hgfsServer.c:5941: noescape: Resource "entry" is not freed or pointed-to in "HgfsCache_Put".
open-vm-tools-11.2.0-16938113/lib/hgfsServer/hgfsServer.c:5976: leaked_storage: Variable "entry" going out of scope leaks the storage it points to.
# 5974|      *bufOut = myBufOut;
# 5975|   
# 5976|->    return HGFS_NAME_STATUS_COMPLETE;
# 5977|   
# 5978|   error:

Error: RESOURCE_LEAK (CWE-772):
open-vm-tools-11.2.0-16938113/lib/hgfsServer/hgfsServer.c:8504: alloc_fn: Storage is returned from allocation function "UtilSafeCalloc0".
open-vm-tools-11.2.0-16938113/lib/hgfsServer/hgfsServer.c:8504: var_assign: Assigning: "entry" = storage returned from "UtilSafeCalloc0(1UL, 184UL)".
open-vm-tools-11.2.0-16938113/lib/hgfsServer/hgfsServer.c:8507: noescape: Resource "entry" is not freed or pointed-to in "HgfsCache_Put".
open-vm-tools-11.2.0-16938113/lib/hgfsServer/hgfsServer.c:8558: leaked_storage: Variable "entry" going out of scope leaks the storage it points to.
# 8556|   
# 8557|      HgfsServerCompleteRequest(status, replyPayloadSize, input);
# 8558|-> }
# 8559|   
# 8560|   


Error: RESOURCE_LEAK (CWE-772):
open-vm-tools-11.2.0-16938113/vgauth/lib/proto.c:1235: alloc_arg: "VGAuth_CommReadData" allocates memory that is stored into "rawReply".
open-vm-tools-11.2.0-16938113/vgauth/lib/proto.c:1239: leaked_storage: Variable "rawReply" going out of scope leaks the storage it points to.
# 1237|            err = VGAUTH_E_COMM;
# 1238|            Warning("%s: EOF on datastream when trying to parse\n", __FUNCTION__);
# 1239|->          goto abort;
# 1240|         }
# 1241|         if (VGAUTH_E_OK != err) {

Error: RESOURCE_LEAK (CWE-772):  FALSE POSITIVE
open-vm-tools-11.2.0-16938113/vgauth/serviceImpl/proto.c:1115: alloc_arg: "ServiceNetworkReadData" allocates memory that is stored into "data".
open-vm-tools-11.2.0-16938113/vgauth/serviceImpl/proto.c:1178: leaked_storage: Variable "data" going out of scope leaks the storage it points to.
# 1176|      }
# 1177|   
# 1178|->    return err;
# 1179|   }
# 1180|

(In reply to Cathy Avery from comment #10)
Sorry that's 4 defects not 3.

The coverity bz for 11.2.0 is BZ 1896804.

The open-vm-tools regression auto test had completed and all test cases passed, no regression issue found. Also run some sanity test by manual, no new issue found, so change status to Verified.

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (open-vm-tools bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2021:1753