I get 2 different corruptions right now it seems on xorg 1.13rc4, with
--free-fill=df:

First one is synaptics out of bounds..

==3097== Invalid write of size 4
==3097==    at 0xAEBFE95: UpdateTouchState.isra.12 (synaptics.c:3132)
==3097==    by 0xAEC1532: HandleState (synaptics.c:3224)
==3097==    by 0xAEC3F73: ReadInput (synaptics.c:1725)
==3097==    by 0x19B656: xf86SigioReadInput (xf86Events.c:298)
==3097==    by 0x1C4C97: xf86SIGIO (sigio.c:110)
==3097==    by 0x56D9CAF: ??? (in /lib/x86_64-linux-gnu/libpthread-2.15.so)
==3097==    by 0x56D8D0D: __read_nocancel (syscall-template.S:82)
==3097==    by 0x2B8525: _XSERVTransSocketRead (unistd.h:45)
==3097==    by 0x2B2FC0: ReadRequestFromClient (io.c:332)
==3097==    by 0x15D878: Dispatch (dispatch.c:399)
==3097==    by 0x14C559: main (main.c:295)
==3097==  Address 0xaae8da8 is 0 bytes after a block of size 8 alloc'd
==3097==    at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3097==    by 0xAEC0F13: DeviceControl (synaptics.c:1277)
==3097==    by 0x153082: ActivateDevice (devices.c:547)
==3097==    by 0x1AA30D: xf86NewInputDevice (xf86Xinput.c:858)
==3097==    by 0x1C0655: device_added (udev.c:231)
==3097==    by 0x1C0CB2: config_udev_init (udev.c:386)
==3097==    by 0x1BFC08: config_init (config.c:48)
==3097==    by 0x19DB4D: InitInput (xf86Init.c:989)
==3097==    by 0x14C518: main (main.c:265)
==3097== 

then immediately after that some invalid event:

==3097== 
==3097== More than 100 errors detected.  Subsequent errors
==3097== will still be recorded, but in less detail than before.
==3097== Invalid read of size 8
==3097==    at 0x19BDC9: xf86Wakeup (xf86Events.c:276)
==3097==    by 0x161D9A: WakeupHandler (dixutils.c:423)
==3097==    by 0x2ADCD3: WaitForSomething (WaitFor.c:224)
==3097==    by 0x15D790: Dispatch (dispatch.c:357)
==3097==    by 0x14C559: main (main.c:295)
==3097==  Address 0x235092c0 is 32 bytes inside a block of size 40 free'd
==3097==    at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3097==    by 0x19BB4A: xf86RemoveGeneralHandler (xf86Events.c:670)
==3097==    by 0x1C5841: lnxCloseACPI (lnx_acpi.c:174)
==3097==    by 0x1C58C9: lnxACPIGetEventFromOs (lnx_acpi.c:68)
==3097==    by 0x1A993E: xf86HandlePMEvents (xf86PM.c:208)
==3097==    by 0x19BDC8: xf86Wakeup (xf86Events.c:279)
==3097==    by 0x161D9A: WakeupHandler (dixutils.c:423)
==3097==    by 0x2ADCD3: WaitForSomething (WaitFor.c:224)
==3097==    by 0x15D790: Dispatch (dispatch.c:357)
==3097==    by 0x14C559: main (main.c:295)
==3097== 
==3097== Invalid read of size 4
==3097==    at 0x19BD89: xf86Wakeup (xf86Events.c:277)
==3097==    by 0x161D9A: WakeupHandler (dixutils.c:423)
==3097==    by 0x2ADCD3: WaitForSomething (WaitFor.c:224)
==3097==    by 0x15D790: Dispatch (dispatch.c:357)
==3097==    by 0x14C559: main (main.c:295)
==3097==  Address 0xdfdfdfdfdfdfdff7 is not stack'd, malloc'd or (recently) free'd

Which causes it to dump core at this point..

-- 
You received this bug notification because you are a member of Ubuntu-X,
which is subscribed to xserver-xorg-input-synaptics in Ubuntu.
https://bugs.launchpad.net/bugs/956071

Title:
  Xorg crashed with SIGSEGV in XIGetDeviceProperty()

To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/956071/+subscriptions

_______________________________________________
Mailing list: https://launchpad.net/~ubuntu-x-swat
Post to     : ubuntu-x-swat@lists.launchpad.net
Unsubscribe : https://launchpad.net/~ubuntu-x-swat
More help   : https://help.launchpad.net/ListHelp
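
In the second trace above, the block is freed through xf86RemoveGeneralHandler while xf86Wakeup is still on the stack, and xf86Wakeup then reads the freed block. The C example below is added here for illustration and is not xorg-server code or part of the original message; the list layout and every name in it are hypothetical. It shows one way a dispatch loop can tolerate a handler that removes itself: mark the node during the walk and free it afterwards.

```c
#include <stdio.h>
#include <stdlib.h>
/* Constructed model of a wakeup-handler list; all names are hypothetical. */
typedef struct handler {
    struct handler *next;
    int removed;                     /* tombstone: set during dispatch instead of free() */
    void (*proc)(struct handler *);
} handler;
static handler *head;
static int dispatching;              /* nonzero while wakeup() walks the list */

static void add_handler(void (*proc)(handler *)) {
    handler *h = calloc(1, sizeof *h);
    if (!h) abort();
    h->proc = proc; h->next = head; head = h;
}

/* Unlink and free tombstoned nodes; returns the number of live handlers left. */
static int reap(void) {
    int live = 0;
    for (handler **pp = &head; *pp; ) {
        handler *h = *pp;
        if (h->removed) { *pp = h->next; free(h); }
        else { live++; pp = &h->next; }
    }
    return live;
}

/* Safe to call from inside a handler: the node stays allocated until dispatch ends. */
static void remove_handler(handler *h) {
    h->removed = 1;
    if (!dispatching) reap();
}

/* Runs every live handler once; returns how many were invoked. */
static int wakeup(void) {
    int ran = 0;
    dispatching = 1;
    for (handler *h = head; h; h = h->next)   /* h->next is still valid after proc() */
        if (!h->removed) { h->proc(h); ran++; }
    dispatching = 0;
    reap();                                   /* frees happen only after the walk */
    return ran;
}

static void close_self(handler *h) { remove_handler(h); } /* removes itself, as on an error path */
static void noop(handler *h) { (void)h; }
int main(void) {
    add_handler(noop); add_handler(close_self); add_handler(noop);
    int first = wakeup(), second = wakeup();
    printf("%d %d\n", first, second); return 0;
}
```

Freeing the node inside `remove_handler` while `dispatching` is set would make the loop's `h->next` read come from freed memory, which is the access pattern memcheck reports above.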