Bug 801143 - Windows Guest Agent leaks ov.hEvent in ga_channel_write()
Windows Guest Agent leaks ov.hEvent in ga_channel_write()
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: qemu-kvm (Show other bugs)
6.4
All Linux
high Severity high
: rc
: ---
Assigned To: Jeff Cody
Virtualization Bugs
:
Depends On: 787723
Blocks: 804161 820481 831387
  Show dependency treegraph
 
Reported: 2012-03-07 14:01 EST by Jeff Cody
Modified: 2013-02-21 02:32 EST (History)
11 users (show)

See Also:
Fixed In Version: qemu-kvm-0.12.1.2-2.297.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-21 02:32:49 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
win7-32 guest before running geust-ping (95.01 KB, image/png)
2012-12-20 22:46 EST, Qunfang Zhang
no flags Details
win7-32 guest after running guest-ping (98.62 KB, image/png)
2012-12-20 22:47 EST, Qunfang Zhang
no flags Details

  None (edit)
Description Jeff Cody 2012-03-07 14:01:31 EST
Description of problem:
In the Windows guest agent, in the file qga/channel-win32.c, the function ga_channel_write() leaks the ov.hEvent created at the beginning of the function.

Before returning, ga_channel_write() should call CloseHandle on the created HANDLE ov.hEvent.

Version-Release number of selected component (if applicable):
qemu-kvm origin/master
Introduced via Bug #787723 to RHEL, from the backport of the guest agent code. (not yet tagged in rhel6 repo)


How reproducible:
100%

Steps to Reproduce:
1. Launch windows guest agent
2. Issue command to the guest agent (for instance, {"execute": "guest-info"})
3. Memory is leaked in ga_channel_write() when sending the response.

Actual results:
Small amount of memory leaked on every command.

Expected results:
No memory leaked.

Additional info:
This leak was noticed by Paolo Bonzini.
Comment 2 Jeff Cody 2012-03-15 14:29:04 EDT
Patch submitted to qemu-devel:

http://patchwork.ozlabs.org/patch/147055/
Comment 3 Jeff Cody 2012-03-28 13:41:10 EDT
Patch accepted upstream, commit id b71706d122838d9656e1a6dae80e22401babdf37
Comment 7 Qunfang Zhang 2012-11-27 21:26:13 EST
Hi Jeff
As we still have no windows guest agent package now, so is there some method for QE to verify this bug?

Thanks,
Qunfang
Comment 8 Qunfang Zhang 2012-12-06 07:25:57 EST
Paste the mail replied by Jeff for reference:
======
We are currently working to figure out the installable package for
Windows.  There currently is not one for the guest agent.  However, I
could supply you the binaries and DLL files, which could be run, if that
would help.

As far as testing this bug goes, this bug was noticed by code
inspection, and not by observation.  The leak is very small, so I am not
sure of a reliable method to show a before and after comparison.
Comment 9 Qunfang Zhang 2012-12-20 22:45:24 EST
Hi, Jeff
I tested windows guest agent this week with the executable in qemu-kvm-0.12.1.2-2.346.el6.x86_64 and could you help check my following steps? 

1. Boot a windows guest (I tested win7-32 and win2012-64).
/usr/libexec/qemu-kvm -M rhel6.4.0 -cpu SandyBridge -enable-kvm -m 2048 -smp 2,sockets=2,cores=1,threads=1 -enable-kvm -name win7 -uuid 255874cf-ceee-458a-b9e7-757dcf4d97bb -k en-us -rtc base=localtime,clock=host,driftfix=slew -no-kvm-pit-reinjection -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -device usb-tablet,id=input0 -drive file=/home/win7-32-virtio.qcow2,if=none,id=disk0,format=qcow2,werror=stop,rerror=stop,aio=native -device ide-drive,bus=ide.0,unit=1,drive=disk0,id=disk0  -drive file=/home/boot.iso,if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device ide-drive,drive=drive-ide0-1-0,bus=ide.1,unit=0,id=cdrom -netdev tap,id=hostnet0 -device rtl8139,netdev=hostnet0,id=net0,mac=44:37:E6:5E:91:5E,bus=pci.0,addr=0x5 -monitor stdio -qmp tcp:0:6666,server,nowait -chardev socket,path=/tmp/isa-serial,server,nowait,id=isa1 -device isa-serial,chardev=isa1,id=isa-serial1 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x8 -chardev socket,id=charchannel0,path=/tmp/serial-socket,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.rhevm.vdsm -chardev socket,path=/tmp/foo,server,nowait,id=foo -device virtconsole,chardev=foo,id=console0 -chardev spicevmc,id=charchannel1,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=com.redhat.spice.0 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x9 -spice port=5930,disable-ticketing -vga qxl -k en-us -boot c -chardev socket,path=/tmp/qga.sock,server,nowait,id=qga0 -device virtserialport,bus=virtio-serial0.0,chardev=qga0,name=org.qemu.guest_agent.0 -global  PIIX4_PM.disable_s3=0 -global PIIX4_PM.disable_s4=0

2. Install the windows guest agent executable inside guest. 
#qemu-ga.exe --service install.

3. Check if the qemu-ga service starts, if not, start it.

4. Send commands to guest agent.

 for i in $(seq 1 1000) ; do echo { "execute": "guest-ping"} | nc -U /tmp/qga.sock ; sleep 0.1; echo $i;  done


Result: Before sending the command, qemu-ga resumes 828K mem and after finish the above script, it consumes 932K mem and will not change back to about 828K unless I reboot guest.

Hi, Jeff
Do you this this is a problem?  The result is the same when testing win2012 guest.

Thanks.
Qunfang
Comment 10 Qunfang Zhang 2012-12-20 22:46:48 EST
Created attachment 667094 [details]
win7-32 guest before running geust-ping
Comment 11 Qunfang Zhang 2012-12-20 22:47:31 EST
Created attachment 667095 [details]
win7-32 guest after running guest-ping
Comment 12 Jeff Cody 2013-01-04 22:39:07 EST
(In reply to comment #9)
> Hi, Jeff
> I tested windows guest agent this week with the executable in
> qemu-kvm-0.12.1.2-2.346.el6.x86_64 and could you help check my following
> steps? 
> 
> 1. Boot a windows guest (I tested win7-32 and win2012-64).
> /usr/libexec/qemu-kvm -M rhel6.4.0 -cpu SandyBridge -enable-kvm -m 2048 -smp
> 2,sockets=2,cores=1,threads=1 -enable-kvm -name win7 -uuid
> 255874cf-ceee-458a-b9e7-757dcf4d97bb -k en-us -rtc
> base=localtime,clock=host,driftfix=slew -no-kvm-pit-reinjection -device
> piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -device usb-tablet,id=input0
> -drive
> file=/home/win7-32-virtio.qcow2,if=none,id=disk0,format=qcow2,werror=stop,
> rerror=stop,aio=native -device
> ide-drive,bus=ide.0,unit=1,drive=disk0,id=disk0  -drive
> file=/home/boot.iso,if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,
> format=raw -device ide-drive,drive=drive-ide0-1-0,bus=ide.1,unit=0,id=cdrom
> -netdev tap,id=hostnet0 -device
> rtl8139,netdev=hostnet0,id=net0,mac=44:37:E6:5E:91:5E,bus=pci.0,addr=0x5
> -monitor stdio -qmp tcp:0:6666,server,nowait -chardev
> socket,path=/tmp/isa-serial,server,nowait,id=isa1 -device
> isa-serial,chardev=isa1,id=isa-serial1 -device
> virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x8 -chardev
> socket,id=charchannel0,path=/tmp/serial-socket,server,nowait -device
> virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,
> name=com.redhat.rhevm.vdsm -chardev
> socket,path=/tmp/foo,server,nowait,id=foo -device
> virtconsole,chardev=foo,id=console0 -chardev
> spicevmc,id=charchannel1,name=vdagent -device
> virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,
> name=com.redhat.spice.0 -device
> virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x9 -spice
> port=5930,disable-ticketing -vga qxl -k en-us -boot c -chardev
> socket,path=/tmp/qga.sock,server,nowait,id=qga0 -device
> virtserialport,bus=virtio-serial0.0,chardev=qga0,name=org.qemu.guest_agent.0
> -global  PIIX4_PM.disable_s3=0 -global PIIX4_PM.disable_s4=0
> 
> 2. Install the windows guest agent executable inside guest. 
> #qemu-ga.exe --service install.
> 
> 3. Check if the qemu-ga service starts, if not, start it.
> 
> 4. Send commands to guest agent.
> 
>  for i in $(seq 1 1000) ; do echo { "execute": "guest-ping"} | nc -U
> /tmp/qga.sock ; sleep 0.1; echo $i;  done
> 
> 
> Result: Before sending the command, qemu-ga resumes 828K mem and after
> finish the above script, it consumes 932K mem and will not change back to
> about 828K unless I reboot guest.
> 
> Hi, Jeff
> Do you this this is a problem?  The result is the same when testing win2012
> guest.
> 
> Thanks.
> Qunfang

Hi Qunfang,

Rather than stop at 1000, if you do an infinite loop, will the memory consumption continue to increase?  If the memory usage increases, but reaches a steady amount, that would not cause alarm to me, and I think the bug could be verified.  If instead, the memory usage keeps increasing so long as commands are sent, then that is a concern.  However, this bug was detected by code inspection, and not by observation - and so if it is leaking, then that may be a new bug rather than this specific fix.
Comment 13 Qunfang Zhang 2013-01-04 22:43:47 EST
Hi, Jeff
Thanks a lot for the information. I will have a try later and verify it if have no issue. 


Thanks,
Qunfang
Comment 14 Qunfang Zhang 2013-01-05 00:38:02 EST
Re-check again and there's no problem according to Jeff's comment 12.  Keep an infinite loop to send commands to guest agent, the guest memory usage reaches a steady amount (from 828K to 924K) during the loop. Guest and the agent always work well.

So this bug can be verified pass. 

Guest agent and qemu-kvm version:
qemu-kvm-0.12.1.2-2.346.el6.x86_64
qemu-guest-agent-win32-0.12.1.2-2.346.el6.x86_64
Comment 16 errata-xmlrpc 2013-02-21 02:32:49 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0527.html

Note You need to log in before you can comment on or make changes to this bug.