Tracking down FreeRDP segfault when working with /gfx and /dynamic-resolution #6888

Closed
Nexarian opened this issue Mar 12, 2021 · 3 comments · Fixed by #6892 or #6894

Nexarian commented Mar 12, 2021

This is from my conversation with @akallabeth earlier. In testing a prototype branch of XRDP, I was able to get FreeRDP to segfault, and I finally got the stack trace:

[01:15:09:641] [19837:19865] [ERROR][com.freerdp.codec.progressive] - zIndex 721
[01:15:10:503] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:10:544] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:10:587] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:10:627] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:10:671] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:10:711] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:10:755] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:10:797] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:10:839] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:10:882] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:10:924] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:10:964] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:10:007] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:11:048] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:11:091] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:11:133] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:11:175] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:11:218] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:11:258] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:11:300] [19837:19844] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:15:13:215] [19837:19865] [ERROR][com.freerdp.channels.rdpgfx.client] - RecvResetGraphicsPdu: width: 586 height: 1186 count: 0
[01:15:13:221] [19837:19865] [ERROR][com.freerdp.channels.rdpgfx.client] - Unexpected gfx pdu end: Actual: 0, Expected: 538

Thread 21 "xfreerdp" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffbf7fe700 (LWP 19865)]
0x00007ffff7b49738 in rdpgfx_read_header (s=0x7fffb0b014e0, header=0x7fffbf7fd300) at channels/rdpgfx/rdpgfx_common.c:119
119		Stream_Read_UINT16(s, header->cmdId);     /* cmdId (2 bytes) */
(gdb) backtrace
#0  0x00007ffff7b49738 in rdpgfx_read_header (s=0x7fffb0b014e0, header=0x7fffbf7fd300) at channels/rdpgfx/rdpgfx_common.c:119
#1  0x00007ffff7b45f15 in rdpgfx_recv_pdu (callback=0x7fffb8000e20, s=0x7fffb0b014e0) at channels/rdpgfx/client/rdpgfx_main.c:1555
#2  0x00007ffff7b46d3e in rdpgfx_on_data_received (pChannelCallback=0x7fffb8000e20, data=0x7fffe89ea690) at channels/rdpgfx/client/rdpgfx_main.c:1773
#3  0x00007ffff7b06cfd in dvcman_receive_channel_data (drdynvc=0x7fffe8001ec0, pChannelMgr=0x7fffe80047e0, ChannelId=2, data=0x7fffe89ea690)
    at channels/drdynvc/client/drdynvc_main.c:734
#4  0x00007ffff7b080b9 in drdynvc_process_data (drdynvc=0x7fffe8001ec0, Sp=0, cbChId=0, s=0x7fffe89ea690) at channels/drdynvc/client/drdynvc_main.c:1167
#5  0x00007ffff7b0839b in drdynvc_order_recv (drdynvc=0x7fffe8001ec0, s=0x7fffe89ea690) at channels/drdynvc/client/drdynvc_main.c:1233
#6  0x00007ffff7b08a88 in drdynvc_virtual_channel_client_thread (arg=0x7fffe8001ec0) at channels/drdynvc/client/drdynvc_main.c:1387
#7  0x00007ffff766e4a2 in thread_launcher (arg=0x7fffe89db4e0) at winpr/libwinpr/thread/thread.c:327
#8  0x00007ffff7399609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#9  0x00007ffff7507293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

and another one:

[01:21:11:280] [20396:20424] [ERROR][com.freerdp.codec.progressive] - zIndex 104
[01:21:11:319] [20396:20424] [ERROR][com.freerdp.codec.progressive] - rect[0]: x: 740 y: 362 w: 158 h: 60
[01:21:11:319] [20396:20424] [ERROR][com.freerdp.codec.progressive] - rect[1]: x: 707 y: 422 w: 191 h: 25
[01:21:11:319] [20396:20424] [ERROR][com.freerdp.codec.progressive] - rect[2]: x: 707 y: 447 w: 55 h: 3
[01:21:11:319] [20396:20424] [ERROR][com.freerdp.codec.progressive] - Short block 969, expected 963
[01:21:11:319] [20396:20424] [ERROR][com.freerdp.codec.progressive] - Entering progressive_surface_tile_replace
[01:21:11:319] [20396:20424] [ERROR][com.freerdp.codec.progressive] - yIdx: 6 gridWidth: 15 xIdx: 11 gridSize: 225
[01:21:11:319] [20396:20424] [ERROR][com.freerdp.codec.progressive] - zIndex 101
[01:21:11:319] [20396:20424] [ERROR][com.freerdp.codec.progressive] - Entering progressive_surface_tile_replace
[01:21:11:319] [20396:20424] [ERROR][com.freerdp.codec.progressive] - yIdx: 7 gridWidth: 15 xIdx: 11 gridSize: 225
[01:21:11:319] [20396:20424] [ERROR][com.freerdp.codec.progressive] - zIndex 116
[01:21:12:558] [20396:20424] [ERROR][com.freerdp.channels.rdpgfx.client] - RecvResetGraphicsPdu: width: 730 height: 1250 count: 0

Thread 21 "xfreerdp" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffd77fe700 (LWP 20424)]
0x00007ffff763e325 in HashTable_Get (table=0x7fffe8735cf0, key=0x2) at winpr/libwinpr/utils/collections/HashTable.c:158
158		while (pair && !table->keyCompare(key, pair->key))
(gdb) backtrace
#0  0x00007ffff763e325 in HashTable_Get (table=0x7fffe8735cf0, key=0x2) at winpr/libwinpr/utils/collections/HashTable.c:158
#1  0x00007ffff763e828 in HashTable_GetItemValue (table=0x7fffe8735cf0, key=0x2) at winpr/libwinpr/utils/collections/HashTable.c:346
#2  0x00007ffff7b475df in rdpgfx_get_surface_data (context=0x7fffe8735fc0, surfaceId=1) at channels/rdpgfx/client/rdpgfx_main.c:1992
#3  0x00007ffff78de71a in gdi_SurfaceCommand_Planar (gdi=0x7fffe86f5770, context=0x7fffe8735fc0, cmd=0x7fffd77fd260) at libfreerdp/gdi/gfx.c:402
#4  0x00007ffff78dffff in gdi_SurfaceCommand (context=0x7fffe8735fc0, cmd=0x7fffd77fd260) at libfreerdp/gdi/gfx.c:897
#5  0x00007ffff7b493ca in rdpgfx_decode (gfx=0x7fffe8736e10, cmd=0x7fffd77fd260) at channels/rdpgfx/client/rdpgfx_codec.c:292
#6  0x00007ffff7b43a41 in rdpgfx_recv_wire_to_surface_1_pdu (callback=0x7fffb8000e20, s=0x7fffb0b0c2e0) at channels/rdpgfx/client/rdpgfx_main.c:1002
#7  0x00007ffff7b45fcd in rdpgfx_recv_pdu (callback=0x7fffb8000e20, s=0x7fffb0b0c2e0) at channels/rdpgfx/client/rdpgfx_main.c:1569
#8  0x00007ffff7b46d3e in rdpgfx_on_data_received (pChannelCallback=0x7fffb8000e20, data=0x7fffe89eb3b0) at channels/rdpgfx/client/rdpgfx_main.c:1773
#9  0x00007ffff7b06cfd in dvcman_receive_channel_data (drdynvc=0x7fffe8001ec0, pChannelMgr=0x7fffe80047e0, ChannelId=2, data=0x7fffe89eb3b0)
    at channels/drdynvc/client/drdynvc_main.c:734
#10 0x00007ffff7b080b9 in drdynvc_process_data (drdynvc=0x7fffe8001ec0, Sp=0, cbChId=0, s=0x7fffe89eb3b0) at channels/drdynvc/client/drdynvc_main.c:1167
#11 0x00007ffff7b0839b in drdynvc_order_recv (drdynvc=0x7fffe8001ec0, s=0x7fffe89eb3b0) at channels/drdynvc/client/drdynvc_main.c:1233
#12 0x00007ffff7b08a88 in drdynvc_virtual_channel_client_thread (arg=0x7fffe8001ec0) at channels/drdynvc/client/drdynvc_main.c:1387
#13 0x00007ffff766e4a2 in thread_launcher (arg=0x7fffe89db4c0) at winpr/libwinpr/thread/thread.c:327
#14 0x00007ffff7399609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#15 0x00007ffff7507293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
(gdb)

and

[01:25:11:257] [20811:20839] [ERROR][com.freerdp.codec.progressive] - zIndex 65
[01:25:11:797] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:11:839] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:11:882] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:11:924] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:11:965] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:12:008] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:12:176] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:12:217] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:12:259] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:12:302] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:12:346] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:12:387] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:12:431] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:12:473] [20811:20815] [WARN][com.freerdp.client.x11] - xf_lock_x11_:	[1] recursive lock from xf_sw_end_paint
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - rect[0]: x: 534 y: 307 w: 120 h: 21
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - Short block 3704, expected 3698
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - Entering progressive_surface_tile_replace
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - yIdx: 4 gridWidth: 11 xIdx: 8 gridSize: 121
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - zIndex 52
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - Entering progressive_surface_tile_replace
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - yIdx: 4 gridWidth: 11 xIdx: 9 gridSize: 121
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - zIndex 53
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - Entering progressive_surface_tile_replace
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - yIdx: 4 gridWidth: 11 xIdx: 10 gridSize: 121
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - zIndex 54
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - Entering progressive_surface_tile_replace
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - yIdx: 5 gridWidth: 11 xIdx: 8 gridSize: 121
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - zIndex 63
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - Entering progressive_surface_tile_replace
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - yIdx: 5 gridWidth: 11 xIdx: 9 gridSize: 121
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - zIndex 64
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - Entering progressive_surface_tile_replace
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - yIdx: 5 gridWidth: 11 xIdx: 10 gridSize: 121
[01:25:13:170] [20811:20839] [ERROR][com.freerdp.codec.progressive] - zIndex 65
[01:25:14:561] [20811:20839] [ERROR][com.freerdp.channels.rdpgfx.client] - RecvResetGraphicsPdu: width: 658 height: 990 count: 0

Thread 21 "xfreerdp" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffbf7fe700 (LWP 20839)]
0x00007ffff79a5030 in planar_decompress_plane_rle (
    pSrcData=0x7fffb8009d7a "\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\--Type <RET> for more, q to quit, c to continue without paging--
rcSize=128, pDstData=0x7fffa4739110 "", nDstStep=2688, nXDst=0, nYDst=896, nWidth=64, nHeight=64, nChannel=2, vFlip=0) at libfreerdp/codec/planar.c:396
396						*dstp = deltaValue;
(gdb) backtrace
#0  0x00007ffff79a5030 in planar_decompress_plane_rle
    (pSrcData=0x7fffb8009d7a "\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021\362\021"..., SrcSize=128, pDstData=0x7fffa4739110 "", nDstStep=2688, nXDst=0, nYDst=896, nWidth=64, nHeight=64, nChannel=2, vFlip=0) at libfreerdp/codec/planar.c:396
#1  0x00007ffff79a5f1a in planar_decompress
    (planar=0x7fffb8008f10, pSrcData=0x7fffb8009cfincomplete sequence \362>..., SrcSize=513, nSrcWidth=64, nSrcHeight=64, pDstData=0x7fffa4739110 "", DstFormat=537135240, nDstStep=2688, nXDst=0, nYDst=896, nDstWidth=64, nDstHeight=64, vFlip=0) at libfreerdp/codec/planar.c:771
#2  0x00007ffff78de840 in gdi_SurfaceCommand_Planar (gdi=0x7fffe86f5770, context=0x7fffe87363e0, cmd=0x7fffbf7fd260) at libfreerdp/gdi/gfx.c:413
#3  0x00007ffff78dffff in gdi_SurfaceCommand (context=0x7fffe87363e0, cmd=0x7fffbf7fd260) at libfreerdp/gdi/gfx.c:897
#4  0x00007ffff7b493ca in rdpgfx_decode (gfx=0x7fffe8737230, cmd=0x7fffbf7fd260) at channels/rdpgfx/client/rdpgfx_codec.c:292
#5  0x00007ffff7b43a41 in rdpgfx_recv_wire_to_surface_1_pdu (callback=0x7fffb8000e20, s=0x7fffb0b08bf0) at channels/rdpgfx/client/rdpgfx_main.c:1002
#6  0x00007ffff7b45fcd in rdpgfx_recv_pdu (callback=0x7fffb8000e20, s=0x7fffb0b08bf0) at channels/rdpgfx/client/rdpgfx_main.c:1569
#7  0x00007ffff7b46d3e in rdpgfx_on_data_received (pChannelCallback=0x7fffb8000e20, data=0x7fffe9611cb0) at channels/rdpgfx/client/rdpgfx_main.c:1773
#8  0x00007ffff7b06cfd in dvcman_receive_channel_data (drdynvc=0x7fffe8001ec0, pChannelMgr=0x7fffe80047e0, ChannelId=2, data=0x7fffe9611cb0)
    at channels/drdynvc/client/drdynvc_main.c:734
#9  0x00007ffff7b080b9 in drdynvc_process_data (drdynvc=0x7fffe8001ec0, Sp=0, cbChId=0, s=0x7fffe9611cb0) at channels/drdynvc/client/drdynvc_main.c:1167
#10 0x00007ffff7b0839b in drdynvc_order_recv (drdynvc=0x7fffe8001ec0, s=0x7fffe9611cb0) at channels/drdynvc/client/drdynvc_main.c:1233
#11 0x00007ffff7b08a88 in drdynvc_virtual_channel_client_thread (arg=0x7fffe8001ec0) at channels/drdynvc/client/drdynvc_main.c:1387
#12 0x00007ffff766e4a2 in thread_launcher (arg=0x7fffe89db8e0) at winpr/libwinpr/thread/thread.c:327
#13 0x00007ffff7399609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#14 0x00007ffff7507293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
(gdb)

@akallabeth
Member

@Nexarian ok, these stack traces are impossible:

  1. The first one crashes on reading data just after the check that there is actually enough data available?
  2. Same for this one
  3. That one is not from xfreerdp stable or master branch, the message Entering progressive_surface_tile_replace is nowhere in our source

Please add /buildconfig and which version you're using.

@Nexarian
Author

For the first and second stack traces, I understand that it seems inconceivable, but I have a very consistent way to reproduce all of these. I'm happy to provide more data.

Second, my apologies, I had modified the logging statements to try to figure out what was going on, but there were no logic changes. Here is a stack trace from a clean clone of FreeRDP. The command I used and the /buildconfig are below:

gdb --args /usr/local/bin/xfreerdp /bpp:32 /v:[ip address]:3389 /u:[username] /p:[password] /w:2400 /h:1200 /sound /dynamic-resolution /gfx /log-level:debug

~/FreeRDP$ xfreerdp /buildconfig
This is FreeRDP version 3.0.0-dev (1fa0b80f7)
Build configuration: BUILD_TESTING=OFF BUILTIN_CHANNELS=ON HAVE_AIO_H=1 HAVE_EXECINFO_H=1 HAVE_FCNTL_H=1 HAVE_GETLOGIN_R=1 HAVE_INTTYPES_H=1 HAVE_MATH_C99_LONG_DOUBLE=1 HAVE_POLL_H=1 HAVE_PTHREAD_MUTEX_TIMEDLOCK=ON HAVE_PTHREAD_MUTEX_TIMEDLOCK_LIB=1 HAVE_PTHREAD_MUTEX_TIMEDLOCK_SYMBOL= HAVE_STRNDUP=1 HAVE_SYSLOG_H=1 HAVE_SYS_EVENTFD_H=1 HAVE_SYS_FILIO_H= HAVE_SYS_MODEM_H= HAVE_SYS_SELECT_H=1 HAVE_SYS_SOCKIO_H= HAVE_SYS_STRTIO_H= HAVE_SYS_TIMERFD_H=1 HAVE_TM_GMTOFF=1 HAVE_UNISTD_H=1 HAVE_XI_TOUCH_CLASS=1 WITH_ALSA=ON WITH_CAIRO=ON WITH_CCACHE=ON WITH_CHANNELS=ON WITH_CLANG_FORMAT=ON WITH_CLIENT=ON WITH_CLIENT_AVAILABLE=1 WITH_CLIENT_CHANNELS=ON WITH_CLIENT_CHANNELS_AVAILABLE=1 WITH_CLIENT_COMMON=ON WITH_CLIENT_INTERFACE=OFF WITH_CUPS=ON WITH_DEBUG_ALL=ON WITH_DEBUG_CAPABILITIES=ON WITH_DEBUG_CERTIFICATE=ON WITH_DEBUG_CHANNELS=ON WITH_DEBUG_CLIPRDR=ON WITH_DEBUG_DVC=ON WITH_DEBUG_KBD=ON WITH_DEBUG_LICENSE=ON WITH_DEBUG_MUTEX=ON WITH_DEBUG_NEGO=ON WITH_DEBUG_NLA=ON WITH_DEBUG_NTLM=ON WITH_DEBUG_RAIL=ON WITH_DEBUG_RDP=ON WITH_DEBUG_RDPDR=ON WITH_DEBUG_RDPEI=ON WITH_DEBUG_RDPGFX=ON WITH_DEBUG_REDIR=ON WITH_DEBUG_RFX=ON WITH_DEBUG_RINGBUFFER=ON WITH_DEBUG_SCARD=ON WITH_DEBUG_SND=ON WITH_DEBUG_SVC=ON WITH_DEBUG_SYMBOLS=ON WITH_DEBUG_THREADS=ON WITH_DEBUG_TIMEZONE=ON WITH_DEBUG_TRANSPORT=ON WITH_DEBUG_TSG=ON WITH_DEBUG_TSMF=OFF WITH_DEBUG_TSMF=OFF WITH_DEBUG_TSMF_AVAILABLE=0 WITH_DEBUG_URBDRC=OFF WITH_DEBUG_WND=ON WITH_DEBUG_X11=ON WITH_DEBUG_X11_CLIPRDR=ON WITH_DEBUG_X11_LOCAL_MOVESIZE=ON WITH_DEBUG_XV=ON WITH_DSP_EXPERIMENTAL=OFF WITH_DSP_FFMPEG=ON WITH_EVENTFD_READ_WRITE=1 WITH_FAAC=ON WITH_FAAD2=ON WITH_FFMPEG=TRUE WITH_FFMPEG=TRUE WITH_FUSE=ON WITH_GFX_H264=ON WITH_GPROF=OFF WITH_GSM=ON WITH_GSSAPI=OFF WITH_ICU=OFF WITH_IPP=OFF WITH_JPEG=OFF WITH_LAME=OFF WITH_LIBRARY_VERSIONING=ON WITH_LIBSYSTEMD=OFF WITH_MACAUDIO=OFF WITH_MACAUDIO=OFF WITH_MACAUDIO_AVAILABLE=0 WITH_MANPAGES=ON WITH_MBEDTLS=OFF WITH_OPENCL=OFF WITH_OPENH264=TRUE WITH_OPENH264=TRUE 
WITH_OPENH264_LOADING=OFF WITH_OPENSLES=OFF WITH_OPENSSL=ON WITH_OSS=ON WITH_PCSC=ON WITH_PROFILER=OFF WITH_PULSE=ON WITH_SAMPLE=OFF WITH_SANITIZE_ADDRESS=OFF WITH_SANITIZE_ADDRESS_AVAILABLE=1 WITH_SANITIZE_MEMORY=OFF WITH_SANITIZE_MEMORY_AVAILABLE=1 WITH_SANITIZE_THREAD=OFF WITH_SANITIZE_THREAD_AVAILABLE=1 WITH_SERVER=OFF WITH_SERVER_INTERFACE=ON WITH_SMARTCARD_INSPECT=OFF WITH_SOXR=OFF WITH_SSE2=ON WITH_SWSCALE=OFF WITH_THIRD_PARTY=OFF WITH_VAAPI=OFF WITH_VALGRIND_MEMCHECK=OFF WITH_VALGRIND_MEMCHECK_AVAILABLE=1 WITH_WAYLAND=ON WITH_WINPR_TOOLS=ON WITH_X11=ON WITH_X264=OFF WITH_XCURSOR=ON WITH_XEXT=ON WITH_XFIXES=ON WITH_XI=ON WITH_XINERAMA=ON WITH_XKBFILE=ON WITH_XRANDR=ON WITH_XRENDER=ON WITH_XSHM=ON WITH_XV=ON WITH_ZLIB=ON
Build type:          Debug
CFLAGS:               -fPIC -Wall -Wno-unused-result -Wno-unused-but-set-variable -Wno-deprecated-declarations -fvisibility=hidden -Wimplicit-function-declaration -Wredundant-decls -g -fno-omit-frame-pointer -DWINPR_DLL
Compiler:            GNU, 9.3.0
Target architecture: x64
[02:04:22:894] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:894] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 538
[02:04:22:894] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 192 top: 704 right: 256 bottom: 768 bitmapDataLength: 513
[02:04:22:894] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 538
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 256 top: 704 right: 320 bottom: 768 bitmapDataLength: 513
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 538
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 320 top: 704 right: 384 bottom: 768 bitmapDataLength: 513
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 538
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 384 top: 704 right: 448 bottom: 768 bitmapDataLength: 513
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 282
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 448 top: 704 right: 472 bottom: 768 bitmapDataLength: 257
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 538
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 0 top: 768 right: 64 bottom: 832 bitmapDataLength: 513
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 538
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 64 top: 768 right: 128 bottom: 832 bitmapDataLength: 513
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 538
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 128 top: 768 right: 192 bottom: 832 bitmapDataLength: 513
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 538
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 192 top: 768 right: 256 bottom: 832 bitmapDataLength: 513
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 538
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 256 top: 768 right: 320 bottom: 832 bitmapDataLength: 513
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 538
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 320 top: 768 right: 384 bottom: 832 bitmapDataLength: 513
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 538
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 384 top: 768 right: 448 bottom: 832 bitmapDataLength: 513
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 282
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 448 top: 768 right: 472 bottom: 832 bitmapDataLength: 257
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.drdynvc.client] - order_recv: Cmd=0x3, Sp=0 cbChId=0
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - cmdId: RDPGFX_CMDID_WIRETOSURFACE_1 (0x0001) flags: 0x0000 pduLength: 538
[02:04:22:895] [6074:6102] [DEBUG][com.freerdp.channels.rdpgfx.client] - RecvWireToSurface1Pdu: surfaceId: 1 codecId: RDPGFX_CODECID_PLANAR (0x000A) pixelFormat: 0x20 destRect: left: 0 top: 832 right: 64 bottom: 896 bitmapDataLength: 513

Thread 21 "xfreerdp" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffbf7fe700 (LWP 6102)]
0x00007ffff799ebfe in planar_decompress_plane_rle (
    pSrcData=0x7fffb8009d5arcSize=128, 
    pDstData=0x7fffb3e6a060 "", nDstStep=1920, nXDst=0, nYDst=832, nWidth=64, nHeight=64, nChannel=2, vFlip=0) at libfreerdp/codec/planar.c:396
396						*dstp = deltaValue;
(gdb) backtrace
#0  0x00007ffff799ebfe in planar_decompress_plane_rle
    (pSrcData=0x7fffb8009d5arcSize=128, pDstData=0x7fffb3e6a060 "", nDstStep=1920, nXDst=0, nYDst=832, nWidth=64, nHeight=64, nChannel=2, vFlip=0) at libfreerdp/codec/planar.c:396
#1  0x00007ffff799fae8 in planar_decompress
    (planar=0x7fffb8008f10, pSrcData=0x7fffb8009cdincomplete sequence \362>..., SrcSize=513, nSrcWidth=64, nSrcHeight=64, pDstData=0x7fffb3e6a060 "", DstFormat=537135240, nDstStep=1920, nXDst=0, nYDst=832, nDstWidth=64, nDstHeight=64, vFlip=0)
    at libfreerdp/codec/planar.c:771
#2  0x00007ffff78ccc2d in gdi_SurfaceCommand_Planar (gdi=0x7fffe86f5ec0, context=0x7fffe8737d00, cmd=0x7fffbf7fd230) at libfreerdp/gdi/gfx.c:413
#3  0x00007ffff78ce3ec in gdi_SurfaceCommand (context=0x7fffe8737d00, cmd=0x7fffbf7fd230) at libfreerdp/gdi/gfx.c:897
#4  0x00007ffff7b476d7 in rdpgfx_decode (gfx=0x7fffe8738a20, cmd=0x7fffbf7fd230) at channels/rdpgfx/client/rdpgfx_codec.c:292
#5  0x00007ffff7b41623 in rdpgfx_recv_wire_to_surface_1_pdu (callback=0x7fffb8000e20, s=0x7fffb801add0) at channels/rdpgfx/client/rdpgfx_main.c:1002
#6  0x00007ffff7b441b2 in rdpgfx_recv_pdu (callback=0x7fffb8000e20, s=0x7fffb801add0) at channels/rdpgfx/client/rdpgfx_main.c:1569
#7  0x00007ffff7b44f28 in rdpgfx_on_data_received (pChannelCallback=0x7fffb8000e20, data=0x7fffe8e3fc00) at channels/rdpgfx/client/rdpgfx_main.c:1773
#8  0x00007ffff7b03cfd in dvcman_receive_channel_data (drdynvc=0x7fffe8001620, pChannelMgr=0x7fffe8003910, ChannelId=2, data=0x7fffe8e3fc00) at channels/drdynvc/client/drdynvc_main.c:734
#9  0x00007ffff7b050b9 in drdynvc_process_data (drdynvc=0x7fffe8001620, Sp=0, cbChId=0, s=0x7fffe8e3fc00) at channels/drdynvc/client/drdynvc_main.c:1167
#10 0x00007ffff7b0539b in drdynvc_order_recv (drdynvc=0x7fffe8001620, s=0x7fffe8e3fc00) at channels/drdynvc/client/drdynvc_main.c:1233
#11 0x00007ffff7b05a88 in drdynvc_virtual_channel_client_thread (arg=0x7fffe8001620) at channels/drdynvc/client/drdynvc_main.c:1387
#12 0x00007ffff7658b71 in thread_launcher (arg=0x7fffe89dd450) at winpr/libwinpr/thread/thread.c:327
#13 0x00007ffff7382609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#14 0x00007ffff74f0293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
(gdb) quit

@Nexarian
Author

So I realized I made a classic blunder. Here's the reset sequence I was sending to FreeRDP:

xrdp_egfx_send_delete_surface(wm->mm->egfx, 1);
xrdp_egfx_send_reset_graphics(wm->mm->egfx, session_width, session_height, wm->client_info->monitorCount, wm->client_info->minfo_wm);
xrdp_egfx_send_create_surface(wm->mm->egfx, 1, session_width, session_width, XR_PIXEL_FORMAT_XRGB_8888);
xrdp_egfx_send_map_surface(wm->mm->egfx, 1, 0, 0);

Can you spot the error?

Session width is used twice in create surface instead of matching what was sent from reset_graphics.

I don't know if this is a bug you care about. FreeRDP will segfault if reset graphics and create surface are sent different sizes...

@akallabeth akallabeth added this to the next milestone Mar 12, 2021
This was linked to pull requests Mar 12, 2021
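
The mismatch described in the last comment, as an added example that is not FreeRDP or xrdp code: a receiver-side check that rejects a tile whose destination rectangle lies outside the surface announced by create-surface, instead of writing past the buffer. The `surface_t` and `rect_t` types and all function names are hypothetical, and the 480x480 surface is an assumption inferred from `nDstStep=1920` at 4 bytes per pixel in the clean trace.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BYTES_PER_PIXEL 4u /* XRGB_8888, as in the create-surface call */

/* Hypothetical receiver-side types; not FreeRDP's own structures. */
typedef struct
{
	uint32_t width, height; /* pixels, as announced by create-surface */
	size_t stride;          /* bytes per row */
	uint8_t* data;          /* stride * height bytes */
} surface_t;

typedef struct
{
	uint32_t left, top, right, bottom; /* right and bottom are exclusive */
} rect_t;

static bool surface_init(surface_t* s, uint32_t width, uint32_t height)
{
	if (!s || width == 0 || height == 0 || width > UINT32_MAX / BYTES_PER_PIXEL)
		return false;
	s->width = width;
	s->height = height;
	s->stride = (size_t)width * BYTES_PER_PIXEL;
	s->data = calloc(height, s->stride); /* calloc rejects an overflowing product */
	return s->data != NULL;
}

/* The rectangle must be non-empty and lie fully inside the surface. */
static bool rect_fits_surface(const surface_t* s, const rect_t* r)
{
	return r->left < r->right && r->top < r->bottom && r->right <= s->width &&
	       r->bottom <= s->height;
}

/* Write one decoded colour plane of a tile into the surface.
 * Returns false without touching memory when the rectangle does not fit
 * or the source plane is shorter than the rectangle needs. */
static bool surface_write_plane(surface_t* s, const rect_t* r, unsigned channel,
                                const uint8_t* plane, size_t plane_len)
{
	uint32_t w, h, x, y;
	if (!s || !s->data || !r || !plane || channel >= BYTES_PER_PIXEL)
		return false;
	if (!rect_fits_surface(s, r))
		return false;
	w = r->right - r->left;
	h = r->bottom - r->top;
	if ((uint64_t)w * h > plane_len)
		return false;
	for (y = 0; y < h; y++)
	{
		uint8_t* dst = s->data + (size_t)(r->top + y) * s->stride +
		               (size_t)r->left * BYTES_PER_PIXEL + channel;
		for (x = 0; x < w; x++)
			dst[(size_t)x * BYTES_PER_PIXEL] = plane[(size_t)y * w + x];
	}
	return true;
}

/* Returns 1 if the tile was accepted and written, 0 if rejected, -1 on error. */
int check_tile(uint32_t surf_w, uint32_t surf_h, uint32_t left, uint32_t top,
               uint32_t right, uint32_t bottom)
{
	uint8_t plane[64 * 64]; /* constructed sample plane, one byte per pixel */
	surface_t s;
	rect_t r = { left, top, right, bottom };
	int accepted;
	if (!surface_init(&s, surf_w, surf_h))
		return -1;
	memset(plane, 0xAB, sizeof(plane));
	accepted = surface_write_plane(&s, &r, 2, plane, sizeof(plane)) ? 1 : 0;
	if (accepted)
	{
		size_t last = (size_t)(bottom - 1) * s.stride +
		              (size_t)(right - 1) * BYTES_PER_PIXEL + 2;
		if (s.data[last] != 0xAB)
			accepted = -1;
	}
	free(s.data);
	return accepted;
}

int main(void)
{
	/* Surface created as width x width (assumed 480x480), tile at top=832. */
	printf("square surface, tile at y=832: %d\n", check_tile(480, 480, 0, 832, 64, 896));
	/* Same tile on a surface with a constructed height of 900. */
	printf("tall surface, tile at y=832:   %d\n", check_tile(480, 900, 0, 832, 64, 896));
	return 0;
}
```
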