memory leaks in open-vm-tools

Bug #1847157 reported by Oliver Kurth on 2019-10-07
18
This bug affects 1 person
Affects Status Importance Assigned to Milestone
open-vm-tools (Debian)
Fix Released
Unknown
open-vm-tools (Ubuntu)
High
Unassigned
Bionic
Medium
Christian Ehrhardt 
Disco
Medium
Christian Ehrhardt 

Bug Description

[Impact]

 * Upstream identified memory leaks in the VIX plugin.

 * Patches fixing the mem leaks are provdied by upstream and
   requested to be added to the Ubuntu package of open-vm-tools.

[Test Case]

 * TL;DR: use the VIX plugin which might be easier said than done :-/
   And check memory consumption over time.
   I have asked the reporter if he could add some real examples/commands.

[Regression Potential]

 * The changes really are only about properly freeing stuff.
   If anything I'd expect that to be done overzealous and due to that a
   use-after free issue.
   Fortunately (but also the reason this is "only" medium) this only
   would affect users of the VIX plugin [1] which isn't affecting all
   users of the tools (yet TBH I don't know a percentage).
   Coming from upstream and beeing not too huge I feel rather safe on
   these patches.

[1]: https://www.vmware.com/support/developer/vix-api/

[Other Info]

 * n/a

--- original report ---

We have discovered a few memory leaks in open-vm-tools, related to the vix plugin. We have created a branch for 10.3.10 on github that includes fixes: https://github.com/vmware/open-vm-tools/tree/stable-10.3.10-vix-memory-leaks

Also reported at Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941955

Related branches

Andreas Hasenack (ahasenack) wrote :

Thanks for this. Will there be a new 10.3.x release with these fixes?

Are these the 3 fixes that should be applied?

26b9edbe (HEAD -> stable-10.3.10-vix-memory-leaks, origin/stable-10.3.10-vix-memory-leaks) Fix leaks in ListAliases and ListMappedAliases (9bc72f0b09702754b429115658a85223cb3058bd from devel)
7b874f37 End VGAuth impersonation in the case of error.
015db4c0 Fix memory leaks in 'vix' tools plugin.

Oliver Kurth (okurth-1) wrote :

Currently we do not have any plans to release any new version of open-vm-tools from the 10.3.x branch.

The list of commits to be applied is correct.

The first two changes (015db4c0 and 7b874f37) are part of 11.0. The last one (26b9edbe) is in the devel branch, and will be part of any upcoming 11.0.x and greater releases.

tags: added: server-next
Changed in open-vm-tools (Ubuntu):
assignee: nobody → Christian Ehrhardt  (paelzer)

Thanks Oliver for the ping.

Going further in 20.04 we will merge 11.0 rather soon.
But for the 10.3.10 series that means we will add some delta now.

I have prepared that for Eoan in [1].

Once it is complete there we will prep SRUs, but for that you could already help providing some config/use-case/test that we could use to show the mem-leaking behavior?

[1]: https://code.launchpad.net/~paelzer/ubuntu/+source/open-vm-tools/+git/open-vm-tools/+merge/373871

Changed in open-vm-tools (Ubuntu):
status: New → Triaged
Changed in open-vm-tools (Ubuntu Bionic):
status: New → Triaged
importance: Undecided → Medium
Changed in open-vm-tools (Ubuntu Disco):
importance: Undecided → Medium
status: New → Triaged
Changed in open-vm-tools (Ubuntu):
importance: Undecided → High

Heads up: Due to Eoan being in the last stages of its release the upload of this might take a while to appear user-visible.

Changed in open-vm-tools (Debian):
status: Unknown → New
description: updated

Reviewed and Uploaded to Eoan, waiting in the queue there due to the release freeze.

@Release Team, since this fixes a leak (generally bad) and people can forever access the initial Eoan isos&images I'd think that upload should go into to Release asap to be part of those iso builds.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package open-vm-tools - 2:10.3.10-3ubuntu1

---------------
open-vm-tools (2:10.3.10-3ubuntu1) eoan; urgency=medium

  * Fix memory leaks in vix plugin (LP: #1847157)
    - d/p/lp-1847157-End-VGAuth-impersonation-in-the-case-of-error.patch
    - d/p/lp-1847157-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch
    - d/p/lp-1847157-Fix-memory-leaks-in-vix-tools-plugin.patch

 -- Christian Ehrhardt <email address hidden> Wed, 09 Oct 2019 14:06:46 +0200

Changed in open-vm-tools (Ubuntu):
status: Triaged → Fix Released

I prepared MPs for the changes to Disco and Bionic.

@Oliver - two questions to you:

1. soon when the 20.04 cycle starts I expect 11.0 to be pushed everywhere. Is this fix already in the most recent release https://github.com/vmware/open-vm-tools/releases/tag/stable-11.0.0 ?

2. could you either outline how one could exercise and test these leaks or confirm/commit that you could do so when these SRUs are accepted and need verification?

Changed in open-vm-tools (Debian):
status: New → Fix Committed
Changed in open-vm-tools (Debian):
status: Fix Committed → Fix Released

I'm still waiting on the reporter to help making the test steps "better", but at the same time think we can already upload this to the SRU Teams review which I have now done.

Changed in open-vm-tools (Ubuntu):
assignee: Christian Ehrhardt  (paelzer) → nobody
Changed in open-vm-tools (Ubuntu Bionic):
assignee: nobody → Christian Ehrhardt  (paelzer)
Changed in open-vm-tools (Ubuntu Disco):
assignee: nobody → Christian Ehrhardt  (paelzer)

ping @ SRU Team?

and ping @ Oliver - outlining a better test and/or confirming that you will do it might help here.

Hello Oliver, or anyone else affected,

Accepted open-vm-tools into disco-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/open-vm-tools/2:10.3.10-1ubuntu0.19.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-disco to verification-done-disco. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-disco. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in open-vm-tools (Ubuntu Disco):
status: Triaged → Fix Committed
tags: added: verification-needed verification-needed-disco
Changed in open-vm-tools (Ubuntu Bionic):
status: Triaged → Fix Committed
tags: added: verification-needed-bionic
Łukasz Zemczak (sil2100) wrote :

Hello Oliver, or anyone else affected,

Accepted open-vm-tools into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/open-vm-tools/2:10.3.10-1~ubuntu0.18.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Łukasz Zemczak (sil2100) wrote :

I'm a bit worried that the reporter from upstream seems no longer active in this bug. Looking at the changes, those seem like good memory-leak fixes (especially from upstream) so I have accepted them into -proposed.

As for releasing those into -updates, I'd prefer if we got an actual verification from upstream here. Christian, could we make this the acceptance criteria then? Would you be able to chase down some proper verification?

Yes Lukasz I agree.
Oliver isn't inactive for sure he most likely just didn't track LP updates or on vacation or something like it.

I'll send him a direct mail and worst case we have a monthly call where I can ask.

Note (to myself): I have checked 11.0 myself, the changes are in

Note: to be overwritten by 11.0 MRE which is in -unapproved for quite a while already.
Do we need to tag/mark this somehow to make it clear that the 11.0 upload is supposed to go over this (I'd prefer to release just 11.0 and not this one as interim update)?

Timo Aaltonen (tjaalton) wrote :

11.0 accepted to disco, you need to handle this bug manually.. maybe test the new version and mark this fixed

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.