I finally managed to get debugging symbols. Here's a copy of my gdb session:
Program received signal SIGSEGV, Segmentation fault.
0x080e3cb3 in cfb16ClippedLineCopy (pDrawable=0x8637418, pGC=0x86960e0, x1=0, y1=0, x2=0, y2=0, boxp=0x8692ec0, shorten=1) at cfb8lineCO.c:1474
(gdb) bt
#0 0x080e3cb3 in cfb16ClippedLineCopy (pDrawable=0x8637418, pGC=0x86960e0, x1=0, y1=0, x2=0, y2=0, boxp=0x8692ec0, shorten=1) at cfb8lineCO.c:1474
#1 0x080e3638 in cfb16LineSS1Rect (pDrawable=0x8637418, pGC=0x86960e0, mode=0, npt=53, pptInit=0x863ace0) at cfb8lineCO.c:1220
#2 0x0806d98d in ProcPolyLine (client=0x86101b0) at dispatch.c:1849
#3 0x08069d6d in Dispatch () at dispatch.c:450
#4 0x080512c7 in main (argc=23, argv=0xbfd2d054, envp=0xbfd2d0b4) at main.c:435
(gdb) x/4i $eip
0x80e3cb3 <cfb16ClippedLineCopy+1626>: mov %ax,(%edx)
(gdb) p/x $edx
$3 = 0xb7525802
(gdb) p addrp
$7 = (PixelType *) 0xb7525802
(gdb) shell cat /proc/31722/maps
08048000-08544000 r-xp 00000000 09:00 1200927 /usr/bin/Xvnc4
08544000-08585000 rw-p 004fb000 09:00 1200927 /usr/bin/Xvnc4
08585000-08a2b000 rw-p 08585000 00:00 0 [heap]
b732e000-b736f000 rw-p b732e000 00:00 0
b7526000-b76a6000 rw-s 00000000 00:08 1045168129 /SYSV00000000 (deleted)
b76a6000-b7827000 rw-p b76a6000 00:00 0
b79a7000-b7caa000 rw-p b79a7000 00:00 0
b7caa000-b7de2000 r-xp 00000000 09:00 1197151 /lib/libc-2.7.so
b7de2000-b7de3000 r--p 00138000 09:00 1197151 /lib/libc-2.7.so
b7de3000-b7de5000 rw-p 00139000 09:00 1197151 /lib/libc-2.7.so
b7de5000-b7de8000 rw-p b7de5000 00:00 0
b7de8000-b7df4000 r-xp 00000000 09:00 1197166 /lib/libgcc_s.so.1
b7df4000-b7df5000 rw-p 0000b000 09:00 1197166 /lib/libgcc_s.so.1
b7df5000-b7df6000 rw-p b7df5000 00:00 0
b7df6000-b7e1a000 r-xp 00000000 09:00 1197170 /lib/libm-2.7.so
b7e1a000-b7e1c000 rw-p 00023000 09:00 1197170 /lib/libm-2.7.so
b7e1c000-b7eff000 r-xp 00000000 09:00 1316616 /usr/lib/libstdc++.so.6.0.10
b7eff000-b7f02000 r--p 000e2000 09:00 1316616 /usr/lib/libstdc++.so.6.0.10
b7f02000-b7f04000 rw-p 000e5000 09:00 1316616 /usr/lib/libstdc++.so.6.0.10
b7f04000-b7f0a000 rw-p b7f04000 00:00 0
b7f0a000-b7f1e000 r-xp 00000000 09:00 1316793 /usr/lib/libz.so.1.2.3.3
b7f1e000-b7f1f000 rw-p 00013000 09:00 1316793 /usr/lib/libz.so.1.2.3.3
b7f37000-b7f3b000 rw-s 00000000 00:08 1045594115 /SYSV00000000 (deleted)
b7f3b000-b7f3d000 rw-p b7f3b000 00:00 0
b7f3d000-b7f3e000 r-xp b7f3d000 00:00 0 [vdso]
b7f3e000-b7f58000 r-xp 00000000 09:00 1197142 /lib/ld-2.7.so
b7f58000-b7f5a000 rw-p 0001a000 09:00 1197142 /lib/ld-2.7.so
bfd19000-bfd2e000 rw-p bfd19000 00:00 0 [stack]

-- vnc4server tries to write to memory which is not mapped at all but
-- slightly (by 2046 bytes) before a mapping that probably is the
-- framebuffer. Observe that (0xb76a6000 - 0xb7526000) = 1024*768*2

(gdb) p *boxp
$5 = { x1 = 0, y1 = 0, x2 = 1024, y2 = 768 }
(gdb) p addr + (y1 * nwidth) + x1
$8 = (PixelType *) 0xb7526000

-- this is the start address, written to addrp on line 1385

(gdb) p stepx
$9 = 1
(gdb) p stepy
$10 = -1024

-- so line 1437 will actually decrease the value of addrp!
-- (Assuming PixelType is 2 bytes wide here, as the 16-bit store suggests:
-- one stepy of -1024 pixels plus one stepx of 1 pixel moves addrp from
-- 0xb7526000 to 0xb7525802, exactly the faulting address. So this is an
-- out-of-bounds write just below the start of that mapping, and per the
-- backtrace it is reached from a client PolyLine request.)

(gdb) p *pGC
$27 = { pScreen = 0x85b0a38, depth = 16 '\020', alu = 3 '\003', lineWidth = 0, dashOffset = 0, numInDashList = 2, dash = 0x8546648 "\004\004", lineStyle = 0, capStyle = 1, joinStyle = 0, fillStyle = 0, fillRule = 0, arcMode = 1, subWindowMode = 0, graphicsExposures = 0, clientClipType = 2, miTranslate = 1, tileIsPixel = 1, fExpose = 1, freeCompClip = 1, unused = 95, planemask = 4294967295, fgPixel = 0, bgPixel = 1, tile = { pixmap = 0x0, pixel = 0 }, stipple = 0x8690580, patOrg = { x = 220, y = 233 }, font = 0x85d4578, clipOrg = { x = 0, y = 0 }, lastWinOrg = { x = 0, y = 0 }, clientClip = 0x889da58, stateChanges = 0, serialNumber = 1511, funcs = 0x856d6e0, ops = 0x8548320, devPrivates = 0x86a5550, pRotatedPixmap = 0x0, pCompositeClip = 0x86a5f38 }