Bug 106230

Summary: Memory error when using Xephyr with Xinerama enabled
Product: xorg
Reporter: Marco Trevisan (Treviño) <mail>
Component: Server/Ext/Xinerama
Assignee: Xorg Project Team <xorg-team>
Status: RESOLVED MOVED
QA Contact: Xorg Project Team <xorg-team>
Severity: normal
Priority: medium
CC: mail
Version: git
Hardware: x86-64 (AMD64)
OS: Linux (All)
Attachments: panoramiX: grow depths visuals dynamically (flags: none)

Description Marco Trevisan (Treviño) 2018-04-25 05:12:13 UTC
Just try to run something like:

valgrind Xephyr :2 +extension RANDR +xinerama \
                -screen 800x600 -screen 800x600+800+0

==12009== Memcheck, a memory error detector
==12009== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==12009== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==12009== Command: Xephyr :2 +extension RANDR -screen 800x600 -screen 800x600+800+0 +xinerama
==12009== 
==12009== Syscall param msync(start) points to uninitialised byte(s)
==12009==    at 0x891FB91: msync (msync.c:25)
==12009==    by 0x55952F3: ??? (in /usr/lib/x86_64-linux-gnu/libunwind.so.8.0.1)
==12009==    by 0x5599230: ??? (in /usr/lib/x86_64-linux-gnu/libunwind.so.8.0.1)
==12009==    by 0x559953E: ??? (in /usr/lib/x86_64-linux-gnu/libunwind.so.8.0.1)
==12009==    by 0x5599A98: ??? (in /usr/lib/x86_64-linux-gnu/libunwind.so.8.0.1)
==12009==    by 0x5595E70: _ULx86_64_step (in /usr/lib/x86_64-linux-gnu/libunwind.so.8.0.1)
==12009==    by 0x5596A4C: ??? (in /usr/lib/x86_64-linux-gnu/libunwind.so.8.0.1)
==12009==    by 0x5593E21: backtrace (in /usr/lib/x86_64-linux-gnu/libunwind.so.8.0.1)
==12009==    by 0x2CFD26: OsInit (osinit.c:217)
==12009==    by 0x19D14C: dix_main (main.c:154)
==12009==    by 0x8B4EB96: (below main) (libc-start.c:310)
==12009==  Address 0x1ffeffd040 is on thread 1's stack
==12009== 
==12009== Invalid write of size 4
==12009==    at 0x224C31: PanoramiXMaybeAddVisual (panoramiX.c:799)
==12009==    by 0x224C31: PanoramiXConsolidate (panoramiX.c:822)
==12009==    by 0x19D60E: dix_main (main.c:243)
==12009==    by 0x8B4EB96: (below main) (libc-start.c:310)
==12009==  Address 0x15befbb0 is 0 bytes after a block of size 960 alloc'd
==12009==    at 0x4C2FA3F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==12009==    by 0x4C31D84: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==12009==    by 0x224C4D: PanoramiXMaybeAddDepth (panoramiX.c:756)
==12009==    by 0x224C4D: PanoramiXConsolidate (panoramiX.c:819)
==12009==    by 0x19D60E: dix_main (main.c:243)
==12009==    by 0x8B4EB96: (below main) (libc-start.c:310)
==12009== 
==12009== Invalid read of size 4
==12009==    at 0x224644: PanoramiXCreateConnectionBlock (panoramiX.c:656)
==12009==    by 0x19D3D0: dix_main (main.c:260)
==12009==    by 0x8B4EB96: (below main) (libc-start.c:310)
==12009==  Address 0x15befbb0 is 0 bytes after a block of size 960 alloc'd
==12009==    at 0x4C2FA3F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==12009==    by 0x4C31D84: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==12009==    by 0x224C4D: PanoramiXMaybeAddDepth (panoramiX.c:756)
==12009==    by 0x224C4D: PanoramiXConsolidate (panoramiX.c:819)
==12009==    by 0x19D60E: dix_main (main.c:243)
==12009==    by 0x8B4EB96: (below main) (libc-start.c:310)
==12009== 
==12009== Invalid free() / delete / delete[] / realloc()
==12009==    at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==12009==    by 0x22472C: PanoramiXCreateConnectionBlock (panoramiX.c:675)
==12009==    by 0x19D3D0: dix_main (main.c:260)
==12009==    by 0x8B4EB96: (below main) (libc-start.c:310)
==12009==  Address 0x2d0000002cf is not stack'd, malloc'd or (recently) free'd
==12009== 

This ends up in a crash when launching a window manager on that, for example (or just mutter).
Comment 1 Marco Trevisan (Treviño) 2018-04-25 05:18:54 UTC
Created attachment 139093
panoramiX: grow depths visuals dynamically

We need to ensure we have enough elements when writing the Visual depths,
or we could end up with a memory error.
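
The failure mode in the trace and the fix described in Comment 1, modelled as an added example (this is not the attached patch or xserver code): an array sized once and appended to without a bounds check, next to an append that grows the block before writing. The `depth_list` type, the function names and the 240-slot starting size (960 bytes of 4-byte IDs, chosen to match the block size in the trace) are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model of one depth's visual-ID list; not the xserver structs. */
typedef struct { size_t num_vids, cap_vids; uint32_t *vids; } depth_list;

/* Unchecked append: once num_vids reaches the allocated size, this writes
 * 4 bytes just past the end of the block (the "Invalid write of size 4"). */
void add_vid_unchecked(depth_list *d, uint32_t vid)
{
    d->vids[d->num_vids++] = vid;
}

/* Checked append: grow before writing. Returns 0, or -1 with the list intact. */
int add_vid(depth_list *d, uint32_t vid)
{
    if (d->num_vids == d->cap_vids) {
        size_t new_cap = d->cap_vids ? d->cap_vids * 2 : 8;
        if (new_cap <= d->cap_vids || new_cap > SIZE_MAX / sizeof *d->vids)
            return -1;          /* element count or byte size would wrap */
        uint32_t *p = realloc(d->vids, new_cap * sizeof *d->vids);
        if (p == NULL)
            return -1;          /* realloc failure leaves the old block valid */
        d->vids = p;
        d->cap_vids = new_cap;
    }
    d->vids[d->num_vids++] = vid;
    return 0;
}

/* Constructed input: start with `cap` slots, append `n` IDs; returns the
 * number stored if the last one reads back correctly, else -1. */
long fill_depth(size_t cap, size_t n)
{
    depth_list d = { 0, cap, cap ? malloc(cap * sizeof(uint32_t)) : NULL };
    int ok = (cap == 0 || d.vids != NULL);
    for (size_t i = 0; ok && i < n; i++)
        ok = (add_vid(&d, (uint32_t)(0x100 + i)) == 0);
    if (ok && n > 0)
        ok = (d.vids[n - 1] == (uint32_t)(0x100 + n - 1));
    long stored = ok ? (long)d.num_vids : -1;
    free(d.vids);
    return stored;
}

int main(void) { printf("%ld\n", fill_depth(240, 241)); return 0; }
```

Running the checked path under `valgrind` with 241 appends to a 240-slot list reports no invalid write, because the block is grown before the 241st store.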
Comment 2 GitLab Migration User 2018-12-13 18:33:59 UTC
-- GitLab Migration Automatic Message --

This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/xorg/xserver/issues/237.
