
Re: Bug#822179: xorg: X.Org X Server starts normally, crashes with Segmentation fault on starting any application



Hi,
> On 23 Apr 2016, at 14:55, Samuel Thibault <sthibault@debian.org> wrote:
> 
> Hello,
> 
> James Clarke, on Sat 23 Apr 2016 14:44:52 +0100, wrote:
>> I have attached a proposed patch which ensures XFD_SETSIZE never
>> exceeds FD_SETSIZE.
> 
> Did you test it?

Not this specific version, but changing it to 256 directly in the header.
I’m about to test this exact patch.

> 
> AIUI, nothing uses XFD_SETSIZE actually, it's just the default value
> that X uses for FD_SETSIZE in case it's not already defined.

No, in e.g. os/WaitFor.c in xorg-server, there are for loops using
howmany(XFD_SETSIZE, NFDBITS) to iterate over each element, which invokes
undefined behaviour and a warning from GCC due to aggressive loop optimisations.
There are a few more if you grep the xorg-server source tree, and who knows
about other packages.

> I.e. your
> change doesn't actually change anything: if FD_SETSIZE is defined on
> poll.h inclusion, it'll be used, not 512.  What probably actually breaks
> is the
> 
> (howmany(FD_SETSIZE, NFDBITS) > 8 && (__XFDS_BITS(p, 8))) ||
> 
> lines when FD_SETSIZE is not big enough.  Probably these can be made
> conditioned by the value of FD_SETSIZE, something like:
> 
> #if FD_SETSIZE >= 512
> #define XFD_ANYSET_512(p) \
>       ((howmany(FD_SETSIZE, NFDBITS) > 8 && (__XFDS_BITS(p, 8))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 9 && (__XFDS_BITS(p, 9))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 10 && (__XFDS_BITS(p, 10))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 11 && (__XFDS_BITS(p, 11))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 12 && (__XFDS_BITS(p, 12))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 13 && (__XFDS_BITS(p, 13))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 14 && (__XFDS_BITS(p, 14))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 15 && (__XFDS_BITS(p, 15))))
> #else
> #define XFD_ANYSET_512(p) 0
> #endif
> 
> #define XFD_ANYSET(p) \
>       ((howmany(FD_SETSIZE, NFDBITS) > 0 && (__XFDS_BITS(p, 0))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 1 && (__XFDS_BITS(p, 1))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 2 && (__XFDS_BITS(p, 2))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 3 && (__XFDS_BITS(p, 3))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 4 && (__XFDS_BITS(p, 4))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 5 && (__XFDS_BITS(p, 5))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 6 && (__XFDS_BITS(p, 6))) || \
>        (howmany(FD_SETSIZE, NFDBITS) > 7 && (__XFDS_BITS(p, 7))) || \
> 	XFD_ANYSET_512(p))


These lines are fine; the indexing is guarded by the howmany check, and uses
the real FD_SETSIZE.

Regards,
James
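
An added example, not part of the original message or of the xorg-server source: it shows how a loop bounded by `howmany(XFD_SETSIZE, NFDBITS)` overruns an `fd_set` sized by a smaller `FD_SETSIZE`, and how clamping the constant or taking the bound from the object removes the overrun. All `DEMO_`/`demo_` names are hypothetical stand-ins, with 256 and 512 taken from the sizes mentioned in the thread.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins, not the real libc or X.Org definitions. */
#define DEMO_FD_SETSIZE  256  /* bits the platform's fd_set really holds */
#define DEMO_XFD_SETSIZE 512  /* larger size the X code assumed */

typedef unsigned long demo_mask;
#define DEMO_NFDBITS ((int)(sizeof(demo_mask) * CHAR_BIT))
#define DEMO_HOWMANY(x, y) (((x) + ((y) - 1)) / (y))

typedef struct {
    demo_mask bits[DEMO_HOWMANY(DEMO_FD_SETSIZE, DEMO_NFDBITS)];
} demo_fd_set;

/* Clamp in the spirit of the proposed fix: never exceed the real size. */
#if DEMO_XFD_SETSIZE > DEMO_FD_SETSIZE
#define DEMO_SAFE_SETSIZE DEMO_FD_SETSIZE
#else
#define DEMO_SAFE_SETSIZE DEMO_XFD_SETSIZE
#endif

/* Words actually present in the object. */
static size_t words_in_set(void) { return sizeof(demo_fd_set) / sizeof(demo_mask); }

/* Words a loop bounded by howmany(setsize, NFDBITS) would visit. */
static size_t words_for(int setsize) { return (size_t)DEMO_HOWMANY(setsize, DEMO_NFDBITS); }

/* Words such a loop would touch past the end of the object. */
static size_t overrun_words(int setsize) {
    size_t want = words_for(setsize), have = words_in_set();
    return want > have ? want - have : 0;
}

/* Bounded scan: the limit comes from the object, not a separate constant. */
static int demo_anyset(const demo_fd_set *s) {
    for (size_t i = 0; i < words_in_set(); i++)
        if (s->bits[i]) return 1;
    return 0;
}

int main(void) {
    demo_fd_set s = {{0}};
    s.bits[words_in_set() - 1] = 1UL;  /* set a bit in the last valid word */
    printf("unclamped overrun: %zu words, clamped: %zu, anyset: %d\n",
           overrun_words(DEMO_XFD_SETSIZE), overrun_words(DEMO_SAFE_SETSIZE), demo_anyset(&s));
    return 0;
}
```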
