Package: x2gokdrive
Version: 0.0.0.2

We are seeing x2gokdrive crash with memory corruption on EL8.  The best
valgrind trace I've been able to collect so far is:

==750746== Thread 3:
==750746== Invalid read of size 1
==750746==    at 0x15C056: getDirtyScreenRegion (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8A7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==  Address 0xac892b0 is 0 bytes inside a block of size 16,000 free'd
==750746==    at 0x4C3AA93: free (vg_replace_malloc.c:872)
==750746==    by 0x15B722: remote_screen_init (in /usr/bin/x2gokdrive)
==750746==    by 0x162D16: ephyrMapFramebuffer (in /usr/bin/x2gokdrive)
==750746==    by 0x163745: ephyrRandRSetConfig (in /usr/bin/x2gokdrive)
==750746==    by 0x1646B2: ephyrResizeScreen (in /usr/bin/x2gokdrive)
==750746==    by 0x15DE54: remote_process_client_event (in /usr/bin/x2gokdrive)
==750746==    by 0x15E3F6: clientReadNotify (in /usr/bin/x2gokdrive)
==750746==    by 0x2A8000: ospoll_wait (in /usr/bin/x2gokdrive)
==750746==    by 0x2A1472: WaitForSomething (in /usr/bin/x2gokdrive)
==750746==    by 0x1A081A: Dispatch (in /usr/bin/x2gokdrive)
==750746==    by 0x168925: dix_main (in /usr/bin/x2gokdrive)
==750746==    by 0x8609D84: (below main) (in /usr/lib64/libc-2.28.so)
==750746==  Block was alloc'd at
==750746==    at 0x4C38135: malloc (vg_replace_malloc.c:381)
==750746==    by 0x15B910: remote_screen_init (in /usr/bin/x2gokdrive)
==750746==    by 0x162D16: ephyrMapFramebuffer (in /usr/bin/x2gokdrive)
==750746==    by 0x163745: ephyrRandRSetConfig (in /usr/bin/x2gokdrive)
==750746==    by 0x1646B2: ephyrResizeScreen (in /usr/bin/x2gokdrive)
==750746==    by 0x15DE54: remote_process_client_event (in /usr/bin/x2gokdrive)
==750746==    by 0x15E3F6: clientReadNotify (in /usr/bin/x2gokdrive)
==750746==    by 0x2A8000: ospoll_wait (in /usr/bin/x2gokdrive)
==750746==    by 0x2A1472: WaitForSomething (in /usr/bin/x2gokdrive)
==750746==    by 0x1A081A: Dispatch (in /usr/bin/x2gokdrive)
==750746==    by 0x168925: dix_main (in /usr/bin/x2gokdrive)
==750746==    by 0x8609D84: (below main) (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Invalid read of size 1
==750746==    at 0x15C076: getDirtyScreenRegion (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8A7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==  Address 0xac892b8 is 8 bytes inside a block of size 16,000 free'd
==750746==    at 0x4C3AA93: free (vg_replace_malloc.c:872)
==750746==    by 0x15B722: remote_screen_init (in /usr/bin/x2gokdrive)
==750746==    by 0x162D16: ephyrMapFramebuffer (in /usr/bin/x2gokdrive)
==750746==    by 0x163745: ephyrRandRSetConfig (in /usr/bin/x2gokdrive)
==750746==    by 0x1646B2: ephyrResizeScreen (in /usr/bin/x2gokdrive)
==750746==    by 0x15DE54: remote_process_client_event (in /usr/bin/x2gokdrive)
==750746==    by 0x15E3F6: clientReadNotify (in /usr/bin/x2gokdrive)
==750746==    by 0x2A8000: ospoll_wait (in /usr/bin/x2gokdrive)
==750746==    by 0x2A1472: WaitForSomething (in /usr/bin/x2gokdrive)
==750746==    by 0x1A081A: Dispatch (in /usr/bin/x2gokdrive)
==750746==    by 0x168925: dix_main (in /usr/bin/x2gokdrive)
==750746==    by 0x8609D84: (below main) (in /usr/lib64/libc-2.28.so)
==750746==  Block was alloc'd at
==750746==    at 0x4C38135: malloc (vg_replace_malloc.c:381)
==750746==    by 0x15B910: remote_screen_init (in /usr/bin/x2gokdrive)
==750746==    by 0x162D16: ephyrMapFramebuffer (in /usr/bin/x2gokdrive)
==750746==    by 0x163745: ephyrRandRSetConfig (in /usr/bin/x2gokdrive)
==750746==    by 0x1646B2: ephyrResizeScreen (in /usr/bin/x2gokdrive)
==750746==    by 0x15DE54: remote_process_client_event (in /usr/bin/x2gokdrive)
==750746==    by 0x15E3F6: clientReadNotify (in /usr/bin/x2gokdrive)
==750746==    by 0x2A8000: ospoll_wait (in /usr/bin/x2gokdrive)
==750746==    by 0x2A1472: WaitForSomething (in /usr/bin/x2gokdrive)
==750746==    by 0x1A081A: Dispatch (in /usr/bin/x2gokdrive)
==750746==    by 0x168925: dix_main (in /usr/bin/x2gokdrive)
==750746==    by 0x8609D84: (below main) (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Thread 1:
==750746== Syscall param writev(vector[...]) points to uninitialised byte(s)
==750746==    at 0x86F4B8F: writev (in /usr/lib64/libc-2.28.so)
==750746==    by 0x2AB3ED: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x2A691C: FlushClient (in /usr/bin/x2gokdrive)
==750746==    by 0x2A6F0A: WriteToClient (in /usr/bin/x2gokdrive)
==750746==    by 0x22ADF0: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x22C5E2: GlxDispatchRequest (in /usr/bin/x2gokdrive)
==750746==    by 0x1A0A9A: Dispatch (in /usr/bin/x2gokdrive)
==750746==    by 0x168925: dix_main (in /usr/bin/x2gokdrive)
==750746==    by 0x8609D84: (below main) (in /usr/lib64/libc-2.28.so)
==750746==  Address 0x1ffefff961 is on thread 1's stack
==750746==
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x29DDB7: compClipNotify (in /usr/bin/x2gokdrive)
==750746==    by 0x24DC49: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x1D50DA: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x1D5606: miValidateTree (in /usr/bin/x2gokdrive)
==750746==    by 0x18ACC9: MapWindow (in /usr/bin/x2gokdrive)
==750746==    by 0x29DA33: compCreateOverlayWindow (in /usr/bin/x2gokdrive)
==750746==    by 0x29C17F: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x1A0A9A: Dispatch (in /usr/bin/x2gokdrive)
==750746==    by 0x168925: dix_main (in /usr/bin/x2gokdrive)
==750746==    by 0x8609D84: (below main) (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x29DDB7: compClipNotify (in /usr/bin/x2gokdrive)
==750746==    by 0x24DC49: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x1D58EA: miValidateTree (in /usr/bin/x2gokdrive)
==750746==    by 0x18B0AC: MapSubwindows (in /usr/bin/x2gokdrive)
==750746==    by 0x19A9AF: ProcMapSubwindows (in /usr/bin/x2gokdrive)
==750746==    by 0x1A0A9A: Dispatch (in /usr/bin/x2gokdrive)
==750746==    by 0x168925: dix_main (in /usr/bin/x2gokdrive)
==750746==    by 0x8609D84: (below main) (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Thread 3:
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x15C07C: getDirtyScreenRegion (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8A7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x15C081: getDirtyScreenRegion (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8A7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Use of uninitialised value of size 8
==750746==    at 0x15C063: getDirtyScreenRegion (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8A7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x15F8AB: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x15EBF7: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Use of uninitialised value of size 8
==750746==    at 0x15EC64: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x15EA38: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x15EC90: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x15EB8E: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x15EC90: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x4C380DF: malloc (vg_replace_malloc.c:381)
==750746==    by 0x15EA63: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x15EC90: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Warning: set address range perms: large range [0x59ea9040,
0x159ea6ac0) (undefined)
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x15EA6A: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x15EC90: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x15EA82: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x15EC90: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Use of uninitialised value of size 8
==750746==    at 0x15EAC0: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x15EC90: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x15EAD1: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x15EC90: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Conditional jump or move depends on uninitialised value(s)
==750746==    at 0x15EADF: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x15EC90: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Use of uninitialised value of size 8
==750746==    at 0x15EAC4: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x15EC90: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==
==750746== Invalid read of size 2
==750746==    at 0x15EAC0: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x15EC90: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)
==750746==  Address 0x2198a130 is not stack'd, malloc'd or (recently) free'd
==750746==
==750746==
==750746== Process terminating with default action of signal 6 (SIGABRT):
dumping core
==750746==    at 0x861DACF: raise (in /usr/lib64/libc-2.28.so)
==750746==    by 0x85F0EA4: abort (in /usr/lib64/libc-2.28.so)
==750746==    by 0x2AA2DF: OsAbort (in /usr/bin/x2gokdrive)
==750746==    by 0x2AE738: AbortServer (in /usr/bin/x2gokdrive)
==750746==    by 0x2AF5AC: FatalError (in /usr/bin/x2gokdrive)
==750746==    by 0x2A7614: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83C1CEF: ??? (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x15EABF: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x15EC90: send_dirty_region (in /usr/bin/x2gokdrive)
==750746==    by 0x15F8B7: ??? (in /usr/bin/x2gokdrive)
==750746==    by 0x83B71C9: start_thread (in /usr/lib64/libpthread-2.28.so)
==750746==    by 0x8608E72: clone (in /usr/lib64/libc-2.28.so)

The abort reason is "malloc(): unsorted double linked list
corrupted"


-- 
Orion Poplawski
IT Systems Manager                         720-772-5637
NWRA, Boulder/CoRA Office             FAX: 303-415-9702
3380 Mitchell Lane                       or...@nwra.com
Boulder, CO 80301                 https://www.nwra.com/

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
x2go-dev mailing list
x2go-dev@lists.x2go.org
https://lists.x2go.org/listinfo/x2go-dev

Reply via email to