Segfault when scrolling
Submitted by Al Dimond
Assigned to Xorg Project Team
Description
I have been getting fairly regular segfaults with Xorg 6.9.0 under FreeBSD 6-stable, using the Trident driver. Usually they occur when I'm dragging a program's scroll bars; it happens especially when the program is being run through ssh/X-tunneling, but has also occurred when using Firefox and Opera locally.
The log file doesn't tell me anything more than that the server received signal 11; I logged in remotely and got a backtrace using GDB, and here's where it gets strange: the binaries I'm using right now don't appear to have debugging symbols in them, so I don't know exactly where this is, but the backtrace is 1676 deep, which caught my attention. Here is an excerpt:
Program received signal SIGSEGV, Segmentation fault.
0x2825b1b1 in ?? ()
(gdb) bt
#0 0x2825b1b1 in ?? ()
#1 0x00000000 in ?? ()
#2 0x00000000 in ?? ()
#3 0x08fb5a30 in ?? ()
#4 0x08fb5a30 in ?? ()
#5 0x00000000 in ?? ()
#6 0x08fb5000 in ?? ()
#7 0x00000008 in ?? ()
#8 0x00000005 in ?? ()
#9 0x00000010 in ?? ()
#10 0x00000000 in ?? ()
#11 0x00000000 in ?? ()
#12 0x282c44e4 in ?? ()
#13 0x081b0488 in ?? ()
#14 0x08fb5a30 in ?? ()
#15 0xbfbfe6b8 in ?? ()
#16 0x2825ba41 in ?? ()
#17 0x00000000 in ?? ()
#18 0x00000000 in ?? ()
#19 0x00000000 in ?? ()
#20 0x02fc0000 in ?? ()
#21 0x00000000 in ?? ()
#22 0x00000000 in ?? ()
#23 0x00000000 in ?? ()
---Type <return> to continue, or q <return> to quit---
#24 0x00000000 in ?? ()
#25 0x00000000 in ?? ()
#26 0x00000000 in ?? ()
#27 0x00000000 in ?? ()
#28 0x00000000 in ?? ()
#29 0xbfbfe700 in ?? ()
#30 0x082d79c0 in ?? ()
#31 0xbfbfe668 in ?? ()
#32 0x0817cc5d in ?? ()
#33 0xbfbfe700 in ?? ()
#34 0x081c5cb0 in ?? ()
#35 0xbfbfe678 in ?? ()
#36 0x081af3a8 in ?? ()
#37 0x08220258 in ?? ()
#38 0x2879bff8 in ?? ()
#39 0xbfbfe698 in ?? ()
#40 0x286a3b25 in ?? ()
#41 0x00000003 in ?? ()
#42 0xbfbfe700 in ?? ()
...
#1649 0x102454ff in ?? ()
#1650 0x2024448d in ?? ()
#1651 0x5440f750 in ?? ()
#1652 0x00020000 in ?? ()
#1653 0x688e0375 in ?? ()
#1654 0x01a1b814 in ?? ()
#1655 0xcd500000 in ?? ()
---Type <return> to continue, or q <return> to quit---
#1656 0x90feeb80 in ?? ()
#1657 0x102454ff in ?? ()
#1658 0x1424448d in ?? ()
#1659 0x5440f750 in ?? ()
#1660 0x00020000 in ?? ()
#1661 0x688e0375 in ?? ()
#1662 0x0158b814 in ?? ()
#1663 0xcd500000 in ?? ()
#1664 0x90feeb80 in ?? ()
#1665 0x102454ff in ?? ()
#1666 0x1424448d in ?? ()
#1667 0x1840f750 in ?? ()
#1668 0x00020000 in ?? ()
#1669 0x688e0375 in ?? ()
#1670 0x0067b844 in ?? ()
#1671 0xcd500000 in ?? ()
#1672 0x90feeb80 in ?? ()
#1673 0xbfbfecb0 in ?? ()
#1674 0x00000004 in ?? ()
#1675 0xbfbfecc4 in ?? ()
#1676 0x00000013 in ?? ()
Error accessing memory address 0xbfc00000: Bad address.
(gdb)
All addresses from #624 through #1648 are 0x00000000, if that helps.
I don't really want to recompile X with debugging symbols, because the computer in question is a crummy old laptop with overheating issues, but I'm considering it. I haven't found any similar bugs in Bugzilla in my searches so far; if I can glean any more info out of my system I'll post it back here.
Version: 6.9.0