This is the mail archive of the cygwin-xfree@cygwin.com mailing list for the Cygwin XFree86 project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: uxterm from xterm-185-3 and xfontsel crashing when running under cygserver support


On Mar 26 19:24, Corinna Vinschen wrote:
> On Mar 26 11:18, Harold L Hunt II wrote:
> > Corinna Vinschen wrote:
> > >keen to debug it.  From what I can tell, the shmctl call works
> > >fine.  After that call, the XFreeFont() function accesses a piece
> > >of data, 512 bytes before the address of the buffer used as third
> > >argument to shmctl().  This address (buffer - 512) results in the
> > >SEGV.
> > [...]
> > I'll have to see if I can reproduce this and maybe make a debug compile 
> > (takes about 2 hours, ugh).
> 
> Thanks you.  Just a correction:  I misinterpreted the address by 1 hex
> digit.  The address is 32 bytes before the buffer, not 512 bytes, sorry.

I've build my own debug version of the X stuff today and I tracked the
SEGV down.  It's an unfortunate combination of two bugs in the SHM
implementation:

- shmat() returns NULL on error instead of (void *)-1.

- shmat() only operates on shared memory segments of which the shmid
  has been retrieved using shmget() by the application itself.  I was
  absolutely sure that only the key argument to shmget() is a valid
  interprocess exchange value for identifying shared memory segments. 
  I wasn't aware that the shmid itself could be exchanged.

For today, I only fixed the first bug.  This fixes the SEGV in uxterm
and friends, but a fix for the second bug is necessary to get a working
Bigfont extension.  I hope to get this done next week.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]