phosphor crashed with SIGSEGV in fileno_unlocked()
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
xscreensaver (Debian) | Fix Released | Unknown | |
xscreensaver (Fedora) | Fix Released | Medium | |
xscreensaver (Ubuntu) | Fix Released | Medium | Unassigned |
Bug Description
Binary package hint: xscreensaver
This happens with all the computers that I have, both under Intrepid and under Jaunty. The symptom is that after the screensaver has been running for a short time (between 30 seconds and half an hour), the screen will go black and no longer run the screensaver. Unlocking the screen and re-locking the screen (to restart the screensaver) causes the screensaver to display normally for the same period of time, and then once again crash and go back to a black screen.
A minimal patch has been created to fix the problem. Since this bug makes the Phosphor screensaver unusable as-is, and this is not a core component, I am requesting a stable version update for this package.
The worst case scenario is that this patch causes a regression in Phosphor, which does not work as is, so the risk is minimal.
visibility: private → public
Changed in xscreensaver (Ubuntu):
status: New → Confirmed
Changed in xscreensaver (Debian):
status: Unknown → New
Changed in xscreensaver (Fedora):
status: Unknown → Fix Released
Changed in xscreensaver (Debian):
status: New → Confirmed
description: updated
Changed in xscreensaver (Debian):
status: Confirmed → Fix Released
Changed in xscreensaver (Fedora):
importance: Unknown → Medium
Created attachment 329709
proposed fix
Description of problem:
When (without -pipe) the child exits, state->pipe is cleared but state->pid is not. Later on, when state->pid is used to determine whether to send a message to the child (via state->pipe), it tests only the value of state->pid.
This can be forced by running with -window and resizing the window between child runs (which attempts to ioctl TIOCWINSZ on the pipe).
Version-Release number of selected component (if applicable):
xscreensaver-extras-5.08-1.fc9.x86_64
How reproducible:
The resize case, very. I think there's another semi-random crash case too though.
Steps to Reproduce:
1. Run phosphor with -window
2. Resize window
3.
Actual results:
SEGV
Expected results:
No SEGV
Additional info:
Attached patch does two things: clear state->pid once we know the child has exited, and check state->pipe before attempting to dereference it.
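The stale-pid condition described in the report above, sketched as an added example. This is not the attached patch or xscreensaver's code: the struct, the function names, the `tmpfile()` stand-in for the child's stream and the pid value 4242 are all assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for fileno() */
#endif
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical stand-in for the screensaver's state; only the two
   fields named in the report (pipe, pid) are modelled. */
struct p_state {
    FILE *pipe;   /* stream to the child, NULL once closed */
    pid_t pid;    /* child pid, 0 when no child is running */
};

/* Teardown as the report describes it before the fix: pipe cleared, pid stale. */
static void child_exited_unpatched(struct p_state *s) {
    if (s->pipe) { fclose(s->pipe); s->pipe = NULL; }
}

/* Teardown after the fix: both fields are cleared together. */
static void child_exited_patched(struct p_state *s) {
    child_exited_unpatched(s);
    s->pid = 0;
}

/* The pre-fix resize path tested only pid. Returns 1 when that test
   would pass while pipe is NULL, i.e. fileno(NULL) would be reached. */
static int unpatched_resize_hits_null(const struct p_state *s) {
    return s->pid != 0 && s->pipe == NULL;
}

/* Resize path after the fix: check the pointer that is about to be
   dereferenced. Returns the descriptor, or -1 if there is no child stream. */
static int patched_resize_fd(const struct p_state *s) {
    if (s->pid == 0 || s->pipe == NULL) return -1;
    return fileno(s->pipe);
}

/* Constructed scenario: tmpfile() stands in for the child's stream,
   4242 for its pid. Returns 1 if the unpatched teardown leaves the bad state. */
static int demo(void) {
    struct p_state s = { tmpfile(), 4242 };
    if (!s.pipe) return -1;
    child_exited_unpatched(&s);
    return unpatched_resize_hits_null(&s);
}

int main(void) {
    printf("stale pid reaches fileno(NULL): %d\n", demo());
    return 0;
}
```

Either half of the fix closes this path on its own; applying both keeps the two fields consistent and guards any other caller that tests only one of them.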