Error in XGetWindowProperty() when it's called very often
Submitted by Vasily
Assigned to Xorg Project Team
Description
I've got a problem with xlib when I call XGetWindowProperty after a new event has been received (with XNextEvent(m_display, &evt);). It seems to be an accidental bug and I can reproduce it only on my PC with Debian squeeze (testing state). (Maybe you need some info, so please ask me. I'm a newbie at this.)
So, some application calls XConvertSelection and my app receives an event with SelectionNotify type. And then I call XGetWindowProperty. XConvertSelection is called very fast and eventually I've got the following stack:
#0 0xb78ec806 in exit () from /lib/i686/cmov/libc.so.6
#1 0x08ce6ab1 in qt_xio_errhandler () at kernel/qapplication_x11.cpp:707
#2 0xb7bd88b6 in _XIOError () from /usr/lib/libX11.so.6
#3 0xb7be08f7 in _XReply () from /usr/lib/libX11.so.6
#4 0xb7bbddb3 in XGetWindowProperty () from /usr/lib/libX11.so.6
......
The first routine from GetProp.c:
    XGetWindowProperty(...........
    {
        xGetPropertyReply reply;
        register xGetPropertyReq *req;
        xError error;
        LockDisplay(dpy);
        GetReq (GetProperty, req);
        req->window = w;
        req->property = property;
        req->type = req_type;
        req->delete = delete;
        req->longOffset = offset;
        req->longLength = length;
        error.sequenceNumber = dpy->request;
        if (!_XReply (dpy, (xReply *) &reply, 0, xFalse)) {
The second routine, _XReply from XlibInt.c: We can get _XIOError only in one place, if the following comparison is false:
    if (extra <= rep->generic.length)
but extra is the third argument of _XReply (number of 32-bit words expected after the reply), which is zero! We compare int extra with rep->generic.length, which is unsigned (right?), and don't go into the "if" block.
I don't understand why rep->generic.length can be wrong (very large). And why does xlib compare a signed length with an unsigned one?
PS: X -version gives version number: 11.0, X.Org version: 1.4.2
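The comparison the report asks about, as an added example that is not part of the original report or of libX11: it models `extra <= rep->generic.length` with a signed int against an unsigned 32-bit field to show how C converts the operands, next to a variant that makes the signedness explicit. The function and enum names are hypothetical, the sample values are constructed, and int is assumed to be 32 bits wide.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the quoted check: a signed word count from the
 * caller compared with an unsigned 32-bit length taken from the wire. */
static int fits_mixed(int extra, uint32_t reply_len)
{
    /* The usual arithmetic conversions turn `extra` into an unsigned value,
     * so 0 stays 0 and -1 is compared as 0xFFFFFFFF. */
    return extra <= reply_len;
}

enum fit { FIT_OK, FIT_SHORT_REPLY, FIT_BAD_ARGUMENT };

/* Same decision with the signedness handled explicitly: a negative count is
 * rejected instead of being silently reinterpreted as a huge one. */
static enum fit fits_checked(int extra, uint32_t reply_len)
{
    if (extra < 0)
        return FIT_BAD_ARGUMENT;
    return ((uint32_t)extra <= reply_len) ? FIT_OK : FIT_SHORT_REPLY;
}

int main(void)
{
    /* Constructed sample inputs: {extra, reply length in 32-bit words}. */
    struct { int extra; uint32_t len; } cases[] = {
        { 0, 0u }, { 0, 0xFFFFFFFFu }, { 8, 5u }, { -1, 5u }, { -1, 0xFFFFFFFFu },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("extra=%d len=%u mixed=%d checked=%d\n",
               cases[i].extra, (unsigned)cases[i].len,
               fits_mixed(cases[i].extra, cases[i].len),
               (int)fits_checked(cases[i].extra, cases[i].len));
    return 0;
}
```

With extra equal to 0 the mixed comparison holds for every possible length value, including 0xFFFFFFFF; it only misbehaves when the signed operand is negative.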