Xpra: Ticket #1409: mmap failures with start-desktop mode

This bug only occurs with the "start-desktop" subcommand; it also seems to go away when turning on all debug with "-d all", which points towards a race condition.

It looked like maybe the screen updates were overwriting the mmap verification token, which was always stored at index 512 - r14781 makes it possible for the server to place it anywhere (and tell the client where to find it - for clients that expose this new capability). This doesn't fix the problem.

With the patch attached to this ticket, I can dump the contents of the whole mmap area as the client sees it after receiving the hello back from the server. For regular servers, the mmap area is empty except for the token. For broken "desktop" servers, the mmap area has random areas filled with 0xff.

This bug also affects the 1.0 branch.
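
The check described above (token at an advertised index, then a scan of the rest of the area for unexpected writes), as an added example that is not Xpra's code or the patch attached to this ticket. The function names, the 4 KiB area size and the sample token are assumptions made for illustration.

```python
import mmap
import tempfile

TOKEN_LEN = 16  # the dump of a correct area in this ticket shows 16 token bytes


def write_token(area, index, token):
    """Server side: place the token at the index it will advertise."""
    area[index:index + len(token)] = token


def verify_token(area, index, token):
    """Client side: read back from the advertised index and compare."""
    return area[index:index + len(token)] == token


def nonzero_runs(area, skip=()):
    """Return (start, end) spans of non-zero bytes, ignoring spans in `skip`."""
    data = bytearray(area[:])          # slice copy; yields ints when iterated
    for s, e in skip:
        data[s:e] = bytes(e - s)       # blank out the expected token bytes
    runs, start = [], None
    for i, b in enumerate(data):
        if b and start is None:
            start = i
        elif not b and start is not None:
            runs.append((start, i))
            start = None
    if start is not None:
        runs.append((start, len(data)))
    return runs


def demo(size=4096, index=512):
    """Constructed scenario: one file mapped twice, then a stray 0xff write."""
    token = bytes(range(1, TOKEN_LEN + 1))       # constructed sample token
    span = [(index, index + TOKEN_LEN)]
    with tempfile.TemporaryFile() as f:
        f.truncate(size)
        server = mmap.mmap(f.fileno(), size)     # shared mapping by default
        client = mmap.mmap(f.fileno(), size)
        write_token(server, index, token)
        clean = verify_token(client, index, token) and not nonzero_runs(client, span)
        server[index - 4:index + 4] = b"\xff" * 8    # simulated overwrite
        ok_after = verify_token(client, index, token)
        stray = nonzero_runs(client, span)
        client.close()
        server.close()
    return clean, ok_after, stray
```

Reporting the stray spans alongside the token result separates "the token was overwritten" from "something else is writing into the area", which is the distinction the dumps in this ticket are used to make.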



Fri, 13 Jan 2017 18:44:02 GMT - Antoine Martin: attachment set

always dump mmap area from client when server sends hello


Fri, 13 Jan 2017 18:47:34 GMT - Antoine Martin: status changed

A broken mmap area:


A correct mmap area (from "start" subcommand) showing the token only:

00000000  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000200  c8 f8 08 af 43 f1 03 89  77 43 0d f8 53 13 4b 42  |....C...wC..S.KB|
00000210  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
10001000

Sat, 14 Jan 2017 06:15:42 GMT - Antoine Martin:

Made some changes to try to debug better and improve the code to make it more future proof (r14783, r14784, r14788). I don't understand why / how, but that also seems to fix the bug!

At some point, I thought I had found that adding a 0.5 second delay before reading the token in the server source check code allowed the client to correctly read back the value we were writing after that. Which doesn't make any sense.

For 1.0, I am tempted to either:


Mon, 16 Jan 2017 14:46:10 GMT - Antoine Martin: priority, status changed; resolution set

Went for the easy option: r14799 removes the token check client side in v1.0.x.

I would like to revisit this and actually figure out which change fixed things, just to figure out if we have actually fixed things. So not closing this ticket yet.


Sat, 23 Jan 2021 05:23:31 GMT - migration script:

this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/1409