http://bugzilla.novell.com/show_bug.cgi?id=503846 Summary: Xorg crashes in qemu-kvm very, very often Classification: openSUSE Product: openSUSE 11.2 Version: Factory Platform: Other OS/Version: Other Status: NEW Severity: Critical Priority: P5 - None Component: X.Org AssignedTo: bnc-team-xorg-bugs@forge.provo.novell.com ReportedBy: coolo@novell.com QAContact: xorg-maintainer-bugs@forge.provo.novell.com Found By: --- Talking in the office, the cirrus driver update to 1.3.0 might be the reason. I don't remember having this problem earlier. Both gdb and valgrind point to DamangeUngregister having dangling pointers. ==2133== Use of uninitialised value of size 8 ==2133== at 0x8E1ECDA: fbBltOne (fbbltone.c:402) ==2133== by 0x8E25B05: fbPushFill (fbpush.c:150) ==2133== by 0x8E25D19: fbPushImage (fbpush.c:212) ==2133== by 0x8E25DC9: fbPushPixels (fbpush.c:242) ==2133== by 0x53A6F0: damagePushPixels (damage.c:1689) ==2133== by 0x4D173D: miDCPutBits (midispcur.c:396) ==2133== by 0x4D1E82: miDCPutUpCursor (midispcur.c:515) ==2133== by 0x4E193D: miSpriteRestoreCursor (misprite.c:1025) ==2133== by 0x4DB51F: miPointerUpdateSprite (mipointer.c:399) ==2133== by 0x4DB81D: miPointerDisplayCursor (mipointer.c:198) ==2133== by 0x506BFA: CursorDisplayCursor (cursor.c:145) ==2133== by 0x53706F: AnimCurDisplayCursor (animcur.c:258) ==2133== ==2133== Invalid read of size 8 ==2133== at 0x539073: DamageUnregister (damage.c:1697) ==2133== by 0x903045A: shadowRemove (shadow.c:219) ==2133== by 0x9030953: shadowCloseScreen (shadow.c:103) ==2133== by 0x506A78: CursorCloseScreen (cursor.c:186) ==2133== by 0x536EB2: AnimCurCloseScreen (animcur.c:136) ==2133== by 0x43379B: main (main.c:429) ==2133== Address 0x78959b8 is 0 bytes inside a block of size 136 free'd ==2133== at 0x4C246AF: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==2133== by 0x4E233D: miSpriteCloseScreen (misprite.c:316) ==2133== by 0x506A78: CursorCloseScreen (cursor.c:186) ==2133== by 0x536EB2: AnimCurCloseScreen (animcur.c:136) ==2133== by 0x43379B: main (main.c:429) ==2133== ==2133== Invalid write of size 8 ==2133== at 0x539085: DamageUnregister (damage.c:1701) ==2133== by 0x903045A: shadowRemove (shadow.c:219) ==2133== by 0x9030953: shadowCloseScreen (shadow.c:103) ==2133== by 0x506A78: CursorCloseScreen (cursor.c:186) ==2133== by 0x536EB2: AnimCurCloseScreen (animcur.c:136) ==2133== by 0x43379B: main (main.c:429) ==2133== Address 0x78959b8 is 0 bytes inside a block of size 136 free'd ==2133== at 0x4C246AF: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==2133== by 0x4E233D: miSpriteCloseScreen (misprite.c:316) ==2133== by 0x506A78: CursorCloseScreen (cursor.c:186) ==2133== by 0x536EB2: AnimCurCloseScreen (animcur.c:136) ==2133== by 0x43379B: main (main.c:429) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.