pScreen->GetWindowPixmap is never initialized in Xnest startup and contains random data. After some server resets it crashes with a segfault because pScreen->GetWindowPixmap is called but is not a valid function. A quick fix was to set the complete ScreenRec structure to null after allocating it in dix/main.c (AddScreen).
Created attachment 928: fill ScreenRec structure with 0 after allocating it
*** Bug 1092 has been marked as a duplicate of this bug. ***
The patch fixes this and other problems (for example bug 1092) in Xnest, however it could be done slightly "easier" via using |xcalloc()| instead of the |xalloc(); memset(...,0,...)|-sequence...
Taking bug ...
Created attachment 939: [FIXED_X11R68x] Allocate ScreenRec structure filled with 0 (patch for 2004-09-18-trunk)
Patch checked-in... /cvs/xorg/xc/ChangeLog,v <-- ChangeLog new revision: 1.382; previous revision: 1.381 /cvs/xorg/xc/programs/Xserver/dix/main.c,v <-- main.c new revision: 1.4; previous revision: 1.3 Mailing the commit message to xorg-commit@pdx.freedesktop.org... ... marking bug as FIXED.
Great! This fixes the Xnest segfault for me. :-)
Comment on attachment 939 [FIXED_X11R68x] Allocate ScreenRec structure filled with 0 (patch for 2004-09-18-trunk): Requesting approval for X11R6.8.2. The patch fixes random crashes (like in DAMAGE code etc.) in Xnest due to uninitialised GetWindowPixmap. This is the fix for the Xnest TOPCRASHER. Most distributions (like SuSE etc.) already ship with that patch since otherwise Xnest is unusable in most cases.
Stuart independently discovered this bug and applied the same fix to the Xsun & Xnest source on Solaris when porting Damage to Solaris Xsun. I vote for putting it in the 6.8.2 branch.
Comment on attachment 939 [FIXED_X11R68x] Allocate ScreenRec structure filled with 0 (patch for 2004-09-18-trunk): Approved for the X11R6.8.x branch in the 2004-11-17 release-wranglers phone call. Please don't commit it yourself, I'll handle that once the CVS service is available again.
Comment on attachment 939 [FIXED_X11R68x] Allocate ScreenRec structure filled with 0 (patch for 2004-09-18-trunk): Patch checked-in into X11R6.8.x stable branch: /cvs/xorg/xc/ChangeLog,v <-- ChangeLog new revision: 1.365.2.9; previous revision: 1.365.2.8 cvs commit: Using deprecated info format strings. Convert your scripts to use the new argument format and remove '1's from your info file format strings. /cvs/xorg/xc/programs/Xserver/dix/main.c,v <-- main.c new revision: 1.3.4.1; previous revision: 1.3 cvs commit: Using deprecated info format strings. Convert your scripts to use the new argument format and remove '1's from your info file format strings. Mailing the commit message to xorg-commit@lists.freedesktop.org...
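
The failure mode discussed in this report, shown as an added example that is not code from the X.Org tree: a miniature hook table allocated zero-filled, so a hook the backend never sets is a detectable NULL rather than leftover heap data. `DemoScreenRec` and all `demo_*` names are hypothetical, and plain `calloc` stands in for `xcalloc`.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical miniature of a screen record (not the real ScreenRec
 * layout): a struct of hooks that different layers fill in later. */
typedef int (*DemoHook)(int window);
typedef struct {
    int      myNum;
    DemoHook CreateWindow;
    DemoHook GetWindowPixmap;   /* the hook a backend may never set */
} DemoScreenRec;

static int demo_create_window(int window) { return window; }
static int demo_window_pixmap(int window) { return window + 1000; }

/* Zero-filled allocation: a hook the backend skips is NULL (all-bits-zero
 * is a null pointer on mainstream ABIs). With malloc it would hold
 * whatever the heap block contained before, which is undefined to call. */
DemoScreenRec *demo_add_screen(int num, int backend_sets_pixmap_hook)
{
    DemoScreenRec *s = calloc(1, sizeof(*s));
    if (s == NULL) return NULL;
    s->myNum = num;
    s->CreateWindow = demo_create_window;
    if (backend_sets_pixmap_hook)
        s->GetWindowPixmap = demo_window_pixmap;
    return s;
}

/* Count hooks left unset; only meaningful because the record was zeroed. */
int demo_missing_hooks(const DemoScreenRec *s)
{
    return (s->CreateWindow == NULL) + (s->GetWindowPixmap == NULL);
}

/* Guarded call: returns -1 instead of jumping through an unset hook. */
int demo_get_window_pixmap(const DemoScreenRec *s, int window)
{
    return s->GetWindowPixmap ? s->GetWindowPixmap(window) : -1;
}

int main(void)
{
    DemoScreenRec *s = demo_add_screen(0, 0);
    if (s == NULL) return 1;
    printf("missing hooks: %d, pixmap: %d\n",
           demo_missing_hooks(s), demo_get_window_pixmap(s, 7));
    free(s);
    return 0;
}
```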