Bug#234556: xlibs: many clients get BadLength error from X_ChangeProperty request

To: 234556@bugs.debian.org
Subject: Bug#234556: xlibs: many clients get BadLength error from X_ChangeProperty request
From: Emmanuel Fleury <fleury@cs.auc.dk>
Date: Fri, 27 Feb 2004 19:55:45 +0100
Message-id: <[🔎] 1077908145.10852.111.camel@rade7.s.cs.auc.dk>
Reply-to: Emmanuel Fleury <fleury@cs.auc.dk>, 234556@bugs.debian.org
In-reply-to: <[🔎] 1077878694.10852.68.camel@rade7.s.cs.auc.dk>
References: <[🔎] 1077810649.9528.104.camel@rade7.s.cs.auc.dk> <[🔎] 1077826861.9528.129.camel@rade7.s.cs.auc.dk> <[🔎] 1077878694.10852.68.camel@rade7.s.cs.auc.dk>

Hi all,

I simply don't get it...

====================================
621		    ESET(0);
3: dpy->bufptr - dpy->buffer = 2048
2: todo = 780
1: size = 780
(gdb) 
622		    write_stat = _X11TransWrite(dpy->trans_conn,
3: dpy->bufptr - dpy->buffer = 2048
2: todo = 780
1: size = 780
(gdb) 
_X11TransWrite (ciptr=0x83b0cf0, buf=0x83b0cf0 "@g\023@\003",
size=138087664)
    at Xtrans.c:843
====================================

The piece of code corresponding is here:

====================================
	while (size) {
	    ESET(0);
	    write_stat = _X11TransWrite(dpy->trans_conn,
					bufindex, (int) todo);
====================================

With "_X11TransWrite" defined by:
====================================
static int
TRANS(SocketWrite) (XtransConnInfo ciptr, char *buf, int size)
{
...
====================================

So, "_X11TransWrite" should have its last parameter set to "todo" 
(i.e. 780) and NOT 138087664.

How can this be possible ????




Here is the complete trace:

=================================
GNU gdb 6.0
Copyright 2003 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for
details.
This GDB was configured as "i386-linux"...
(gdb) break Color.c:99
Breakpoint 1 at 0x808c406: file Color.c, line 99.
(gdb) run :6
Starting program:
/home/fleury/devel/xfree_bug/src/xc/programs/Xserver/Xnest :6

Breakpoint 1, xnestCreateColormap (pCmap=0x83b7310) at Color.c:99
99	    XQueryColors(xnestDisplay, xnestColormap(pCmap), colors,
ncolors);
(gdb) break XlibInt.c:605 if (dpy->bufptr - dpy->buffer == 780)
Breakpoint 2 at 0x400a5d88: file XlibInt.c, line 605.
(gdb) c
Continuing.

Breakpoint 2, _XFlushInt (dpy=0x83b0750, cv=0x0) at XlibInt.c:605
605		size = todo = dpy->bufptr - dpy->buffer;
(gdb) disp size
1: size = 1
(gdb) disp todo
2: todo = 0
(gdb) disp dpy->bufptr - dpy->buffer
3: dpy->bufptr - dpy->buffer = 780
(gdb) s
606		if (!size) return;
3: dpy->bufptr - dpy->buffer = 780
2: todo = 780
1: size = 1
(gdb) 
605		size = todo = dpy->bufptr - dpy->buffer;
3: dpy->bufptr - dpy->buffer = 780
2: todo = 780
1: size = 1
(gdb) 
606		if (!size) return;
3: dpy->bufptr - dpy->buffer = 780
2: todo = 780
1: size = 780
(gdb) 
612		for (ext = dpy->flushes; ext; ext = ext->next_flush)
3: dpy->bufptr - dpy->buffer = 780
2: todo = 780
1: size = 780
(gdb) 
608		dpy->flags |= XlibDisplayWriting;
3: dpy->bufptr - dpy->buffer = 780
2: todo = 780
1: size = 780
(gdb) 
610		dpy->bufptr = dpy->bufmax;
3: dpy->bufptr - dpy->buffer = 780
2: todo = 780
1: size = 780
(gdb) 
608		dpy->flags |= XlibDisplayWriting;
3: dpy->bufptr - dpy->buffer = 780
2: todo = 780
1: size = 780
(gdb) 
612		for (ext = dpy->flushes; ext; ext = ext->next_flush)
3: dpy->bufptr - dpy->buffer = 780
2: todo = 780
1: size = 780
(gdb) 
610		dpy->bufptr = dpy->bufmax;
3: dpy->bufptr - dpy->buffer = 780
2: todo = 780
1: size = 780
(gdb) 
612		for (ext = dpy->flushes; ext; ext = ext->next_flush)
3: dpy->bufptr - dpy->buffer = 2048
2: todo = 780
1: size = 780
(gdb) 
620		while (size) {
3: dpy->bufptr - dpy->buffer = 2048
2: todo = 780
1: size = 780
(gdb) 
614		bufindex = dpy->buffer;
3: dpy->bufptr - dpy->buffer = 2048
2: todo = 780
1: size = 780
(gdb) 
620		while (size) {
3: dpy->bufptr - dpy->buffer = 2048
2: todo = 780
1: size = 780
(gdb) 
621		    ESET(0);
3: dpy->bufptr - dpy->buffer = 2048
2: todo = 780
1: size = 780
(gdb) 
622		    write_stat = _X11TransWrite(dpy->trans_conn,
3: dpy->bufptr - dpy->buffer = 2048
2: todo = 780
1: size = 780
(gdb) 
_X11TransWrite (ciptr=0x83b0cf0, buf=0x83b0cf0 "@g\023@\003",
size=138087664)
    at Xtrans.c:843
843	    return ciptr->transptr->Write (ciptr, buf, size);
(gdb) disp size
4: size = 138087664
(gdb) s
_X11TransSocketWrite (ciptr=0x83b0db0, buf=0x83b0db0 "<\001\002", 
    size=138087856) at Xtranssock.c:1750
1750	    return write (ciptr->fd, buf, size);
(gdb) 
1744	{
(gdb) 
1750	    return write (ciptr->fd, buf, size);
(gdb) 
1752	}
(gdb) 
_X11TransWrite (ciptr=0x30c, buf=0x30c <Address 0x30c out of bounds>,
size=780)
    at Xtrans.c:844
844	}
4: size = 780
(gdb) 
_XFlushInt (dpy=0x83b0750, cv=0x0) at XlibInt.c:624
624		    if (write_stat >= 0) {
3: dpy->bufptr - dpy->buffer = 2048
2: todo = 780
1: size = 780
(gdb) quit
The program is running.  Exit anyway? (y or n) 
=================================

Reply to:

Follow-Ups:
- Bug#234556: xlibs: many clients get BadLength error from X_ChangeProperty request
  - From: Michel Dänzer <daenzer@debian.org>

References:
- Bug#234556: xlibs: many clients get BadLength error from X_ChangeProperty request
  - From: Emmanuel Fleury <fleury@cs.auc.dk>
- Bug#234556: xlibs: many clients get BadLength error from X_ChangeProperty request
  - From: Emmanuel Fleury <fleury@cs.auc.dk>
- Bug#234556: xlibs: many clients get BadLength error from X_ChangeProperty request
  - From: Emmanuel Fleury <fleury@cs.auc.dk>

Prev by Date: Bug#207832: knoppix behaviour by trying
Next by Date: Re: Question on X and new license...
Previous by thread: Bug#234556: xlibs: many clients get BadLength error from X_ChangeProperty request
Next by thread: Bug#234556: xlibs: many clients get BadLength error from X_ChangeProperty request
Index(es):
- Date
- Thread