[Xquartz-dev] XQuartz crash when resizing windows in 2.8.3_rc1

Jeremy Sequoia jeremyhu at apple.com
Fri Jul 29 01:03:10 PDT 2022 

Are you able to easily reproduce this, or it is a rare occurrence?  Is it happeneing with any app in particular (or more often than others)?

Can you file a report with your full crash logs at https://github.com/XQuartz/XQuartz/issues ?

> On Jul 24, 2022, at 19:34, Martin Otte <martinjotte at gmail.com> wrote:
> 
> Hello,
> 
> After installing the latest 2.8.3 release candidate, I noticed that a few apps are now crashing the X11 server when I resize them.
> 
> The first crash report I received after resizing a scientific app I use a lot gave:
> 
> Process:               X11.bin [25262]
> Path:                  /Applications/Utilities/XQuartz.app/Contents/MacOS/X11.bin
> Identifier:            org.xquartz.X11
> Version:               2.8.3_rc1 (2.8.31)
> Code Type:             X86-64 (Native)
> Parent Process:        ??? [25261]
> Responsible:           X11.bin [25262]
> User ID:               1002
> 
> Crashed Thread:        1
> 
> Exception Type:        EXC_CRASH (SIGABRT)
> Exception Codes:       0x0000000000000000, 0x0000000000000000
> Exception Note:        EXC_CORPSE_NOTIFY
> 
> Application Specific Information:
> X.Org <http://x.org/> X Server 21.1.4
> abort() called
> X11.bin(25262,0x70000b1d8000) malloc: *** error for object 0x7f8cddd50fe0: pointer being freed was not allocated
> 
> Thread 1 Crashed:
> 0   libsystem_kernel.dylib        	0x00007fff79c8f2c2 __pthread_kill + 10
> 1   libsystem_pthread.dylib       	0x00007fff79d4abf1 pthread_kill + 284
> 2   libsystem_c.dylib             	0x00007fff79bf96a6 abort + 127
> 3   libsystem_malloc.dylib        	0x00007fff79d08077 malloc_vreport + 545
> 4   libsystem_malloc.dylib        	0x00007fff79d07e38 malloc_report + 151
> 5   X11.bin                       	0x000000010f9c1dd1 fbDestroyPixmap + 14
> 6   X11.bin                       	0x000000010fa32c5d damageDestroyPixmap + 185
> 7   X11.bin                       	0x000000010fa4d84f ShmDestroyPixmap + 155
> 8   X11.bin                       	0x000000010fa3d459 FreePicture + 257
> 9   X11.bin                       	0x000000010fa20048 compPaintChildrenToWindow + 514
> 10  X11.bin                       	0x000000010fa1fe95 compPaintChildrenToWindow + 79
> 11  X11.bin                       	0x000000010fa1fe95 compPaintChildrenToWindow + 79
> 12  X11.bin                       	0x000000010fa1fe95 compPaintChildrenToWindow + 79
> 13  X11.bin                       	0x000000010fa1c798 compScreenUpdate + 68
> 14  X11.bin                       	0x000000010f9f4d12 ProcessWorkQueue + 37
> 15  X11.bin                       	0x000000010faa0eb4 WaitForSomething + 101
> 16  X11.bin                       	0x000000010f9ea753 Dispatch + 189
> 17  X11.bin                       	0x000000010f9f4184 dix_main + 970
> 18  X11.bin                       	0x000000010f9a2766 server_thread + 38
> 19  libsystem_pthread.dylib       	0x00007fff79d482eb _pthread_body + 126
> 20  libsystem_pthread.dylib       	0x00007fff79d4b249 _pthread_start + 66
> 21  libsystem_pthread.dylib       	0x00007fff79d4740d thread_start + 13
> 
> 
> So it looks like the crash has something to do with a Pixmap. However, other crash reports give different results:
> 
> Crashed Thread:        3
> 
> Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
> Exception Codes:       EXC_I386_GPFLT
> Exception Note:        EXC_CORPSE_NOTIFY
> 
> Termination Signal:    Segmentation fault: 11
> Termination Reason:    Namespace SIGNAL, Code 0xb
> Terminating Process:   exc handler [40512]
> 
> Thread 3 Crashed:
> 0   X11.bin                       	0x0000000105ecf310 CreateScratchGC + 33
> 1   X11.bin                       	0x0000000105e9ba13 miPaintWindow + 560
> 2   X11.bin                       	0x0000000105ea81e0 miHandleValidateExposures + 73
> 3   X11.bin                       	0x0000000105ea8da3 miResizeWindow + 2392
> 4   X11.bin                       	0x0000000105e78e0f RootlessResizeWindow + 711
> 5   X11.bin                       	0x0000000105eeb2ad compResizeWindow + 83
> 6   X11.bin                       	0x0000000105ee55fe ConfigureWindow + 2829
> 7   X11.bin                       	0x0000000105eb7921 ProcConfigureWindow + 123
> 8   X11.bin                       	0x0000000105eb6938 Dispatch + 674
> 9   X11.bin                       	0x0000000105ec0184 dix_main + 970
> 10  X11.bin                       	0x0000000105e6e766 server_thread + 38
> 11  libsystem_pthread.dylib       	0x00007fff79d482eb _pthread_body + 126
> 12  libsystem_pthread.dylib       	0x00007fff79d4b249 _pthread_start + 66
> 13  libsystem_pthread.dylib       	0x00007fff79d4740d thread_start + 13
> 
> or
> 
> Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
> Exception Codes:       KERN_INVALID_ADDRESS at 0x0000000115ca6000
> Exception Note:        EXC_CORPSE_NOTIFY
> 
> Termination Signal:    Segmentation fault: 11
> Termination Reason:    Namespace SIGNAL, Code 0xb
> Terminating Process:   exc handler [40304]
> 
> VM Regions Near 0x115ca6000:
>     CG backing stores      00000001158d5000-0000000115ca6000 [ 3908K] rw-/rw- SM=PRV  
> --> 
>     STACK GUARD            00007000040a7000-00007000040a8000 [    4K] ---/rwx SM=NUL  stack guard for thread 8
> 
> Thread 1 Crashed:
> 0   libpixman-1.0.dylib           	0x000000010f7163b4 sse2_fill + 359
> 1   libpixman-1.0.dylib           	0x000000010f706c1b _pixman_implementation_fill + 88
> 2   libpixman-1.0.dylib           	0x000000010f6bbce5 pixman_fill + 49
> 3   X11.bin                       	0x000000010f40e205 fbFill + 889
> 4   X11.bin                       	0x000000010f40ead8 fbPolyFillRect + 231
> 5   X11.bin                       	0x000000010f3ff20e DRIPolyFillRect + 82
> 6   X11.bin                       	0x000000010f485ba8 damagePolyFillRect + 490
> 7   X11.bin                       	0x000000010f3f5f41 RootlessPolyFillRect + 310
> 8   X11.bin                       	0x000000010f41eae5 miPaintWindow + 770
> 9   X11.bin                       	0x000000010f41ede5 miWindowExposures + 191
> 10  X11.bin                       	0x000000010f42b205 miHandleValidateExposures + 110
> 11  X11.bin                       	0x000000010f42bda3 miResizeWindow + 2392
> 12  X11.bin                       	0x000000010f3fbe0f RootlessResizeWindow + 711
> 13  X11.bin                       	0x000000010f46e2ad compResizeWindow + 83
> 14  X11.bin                       	0x000000010f4685fe ConfigureWindow + 2829
> 15  X11.bin                       	0x000000010f43a921 ProcConfigureWindow + 123
> 16  X11.bin                       	0x000000010f439938 Dispatch + 674
> 17  X11.bin                       	0x000000010f443184 dix_main + 970
> 18  X11.bin                       	0x000000010f3f1766 server_thread + 38
> 19  libsystem_pthread.dylib       	0x00007fff79d482eb _pthread_body + 126
> 20  libsystem_pthread.dylib       	0x00007fff79d4b249 _pthread_start + 66
> 21  libsystem_pthread.dylib       	0x00007fff79d4740d thread_start + 13
> 
> Two common programs that cause this crash when resizing are the “display" executable that comes with ImageMagick and the gv postcript viewer. However, if I execute gv with the —pixmap command line option which causes gv to use a backing pixmap it does not crash the server. There is no problem with any of these programs with Xquartz 2.8.2.
> 
> Thanks for keeping XQuartz working on new macs. Let me know if you need more information from me about these crashes,
> 
> Martin Otte
> 
> 
> 
> 
> _______________________________________________
> Xquartz-dev mailing list
> Xquartz-dev at lists.macosforge.org
> https://lists.macosforge.org/mailman/listinfo/xquartz-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/xquartz-dev/attachments/20220729/9da5939b/attachment-0001.htm>

More information about the Xquartz-dev mailing list