Hi, I finally got my hands on a Garmin 48 to test with. (running self compiled v0.40 on Sarge, ia32)
# get GPS identity $ gpstrans-0.40 -p/dev/ttyS0 -i 2>/dev/null Connected GPS [/dev/ttyS0] is: Garmin GPS 48 SOFTWARE - V4.60 # download waypoints $ gpstrans-0.40 -p/dev/ttyS0 -dw --debug [... (c) 1998-2005 ...] CheckGPS: sending test packet CheckGPS: sending test packet getGPSVersion: sending product data request Segmentation fault (but every 6th or so time the program works and downloads the data) (gdb) bt f #0 0x400b103b in vsprintf () from /lib/libc.so.6 No symbol table info available. #1 0x4009e98d in sprintf () from /lib/libc.so.6 No symbol table info available. #2 0x0804e9db in getGPSVersion (string=0xbffff8e8) at getgpsinfo.c:344 s = ( BYTE *) 0x806ff22 "824 2128 4128 1143 126 4824 1131 1822 1138 143 2824 128 8136 1131 126 3824 128 5128 8133 125 2824 8133 3125 1125 125 2824 2128 4130 1143 125 3824 1133 3822 1136 143 2824 1131 1143 8128 125 3"... udata = 13362 p = 0x807cff9 " 813362" <Address 0x807d000 out of bounds> tag = 56 '8' n = -78685 temp = " - [EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@\001\000\000\000\000\000\000\000|,[EMAIL PROTECTED]@Àè\027@@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]"... err = 0 last = 6 i = 8 data = (BYTE *) 0x805cbc3 "\001" #3 0x0804ed0d in getGPSInfo (refNum=0x40178320, type=3) at getgpsinfo.c:592 total = -1644 done = 0 init = (BYTE *) 0x8056516 "debug" req = (BYTE *) 0x2d <Address 0x2d out of bounds> err = -16385 rType = 0xbffff908 "8ùÿ¿É¦\004\b [EMAIL PROTECTED]" junk = -1073743468 junk_str = 0x805b6e0 "" #4 0x0804a6c9 in main (argc=0, argv=0xbffff9a4) at main.c:439 No locals. As Frankie found in the coredump, the error happens during the sprintf() call in the src/gps/getgpsinfo.c getGPSVersion() fn, line 342. int getGPSVersion (char **string) .. BYTE *data=gGarminMessage+3; ... if (serialCharsAvail()) { /* the device apparently implements the protocol capability protocol */ char *p; BYTE *s=data; BYTE tag; unsigned short udata; int n; getGPSMessage(); n=data[-1]; p=protocols=xmalloc(5*n/3+1); for ( ; n; n-=3) { tag=*s; udata=toshort(s+1); /* translate each protocol tag and data to the string used in the docs */ sprintf(p, " %c%03d", tag, udata); s+=3; p+=5; } *p=0; ... in particular: int n; getGPSMessage(); n=data[-1]; p=protocols=xmalloc(5*n/3+1); n=data[-1]; seems to be bogus (for me gdb "bt full" reports n=-78685), so xmalloc() allocates junk and it segfaults when sprintf() tries to write something to that memory address? if I try ... n=data[-1]; printf("n=%d\n", n); ... I get n=2 which sounds more reasonable, but still the segfault. shrug. let me know if you need more tests, I can act as a dumb (C) terminal. If not, and we are out of time for Etch, I suggest replacing v0.40-2 in sid with 0.39-3 from Sarge. It is slightly less featureful but it works and is very well tested. Note: [2006-12-05] gpstrans REMOVED from testing (Britney) Hamish