Backtrace without debugging symbols is as follows:

#0 0x000000301972e4dd in *__GI_raise (sig=6700) at ../nptl/sysdeps/unix/sysv/linux/raise.c:67
#1 0x000000301972fc8e in *__GI_abort () at ../sysdeps/generic/abort.c:88
#2 0x0000003019762b91 in __libc_message (do_abort=2, fmt=0x3019810850 "*** glibc detected *** %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:145
#3 0x00000030197684cf in _int_free (av=0x301992e620, mem=0x1a2c) at malloc.c:5523
#4 0x0000003019768a76 in __libc_free (mem=0x6) at malloc.c:3404
#5 0x00000000005179c6 in ProcScreenSaverQueryInfo ()
#6 0x0000000000470f9d in Dispatch ()
#7 0x0000000000456de5 in main ()

This is with 6.8.1.904. 903 and, iirc, 902 did it also. I don't know about previous versions.
A simple test program that does nothing XSS-related besides call XScreenSaverQueryExtension, XScreenSaverAllocInfo and XScreenSaverQueryInfo does not crash the server. beforelight does, every time.
(In reply to comment #1)
> A simple test program that does nothing XSS-related besides call
> XScreenSaverQueryExtension, XScreenSaverAllocInfo and XScreenSaverQueryInfo does
> not crash the server.
>
> beforelight does, every time.

Does beforelight (I assume this is a window manager, right?) work when you turn the screensaver extension off in the Xserver (you can do that at command line via % Xorg -extension MIT-SCREEN-SAVER #)?
beforelight is, as far as I know, the canonical example of a screensaver that uses the MIT-SCREEN-SAVER extension. It comes with X. Disabling the extension prevents beforelight from ever using it, and thus the X server does not crash.
Turns out that the bug was in XScreenSaverSetAttributes, and was fixed here: http://cvs.freedesktop.org/xorg/xc/programs/Xserver/Xext/saver.c?r1=1.2&r2=1.3&only_with_tag=MAIN Needs to be merged into 6.8.2, though.
Info for Fedora Core users experiencing this problem: Patch added to 6.8.2-11 which will be in all future FC3/FC4/RHEL4 builds.

* Tue Mar 15 2005 Mike A. Harris <mharris@redhat.com>
- Added xorg-x11-6.8.2-config-StaticNeedsPicForShared.patch for (#108026)
- Removed StaticNeedsPicForShared from host.def section
- Added xorg-x11-6.8.2-XScreenSaverQueryInfo-crash-fix.patch to fix (#147890)
Created attachment 3526: Patch to saver.c as applied to CVS head
Since this is fixed in CVS head, and a patch for it is in the 6.8.3 request queue, closing bug as FIXED.