Now, GDB has debugging information for libX11; it knows where the crash happened.
(gdb) up
#1 0x00c82c14 in _XError (dpy=0x1809e00, rep=0xbfffe1d8) at XlibInt.c:2905
2905 rtn_val = (*_XErrorFunction)(dpy, (XErrorEvent *)&event); /* upcall */
(gdb) up
#2 0x00c848d1 in _XReply (dpy=0x1809e00, rep=0xbfffe1d8, extra=0, discard=0) at XlibInt.c:1831
1831 _XError(dpy, err);
(gdb) up
#3 0x00c63c52 in XGetMotionEvents (dpy=0x1809e00, start=0, stop=0, w=0, nEvents=0xbfffe248) at GetMoEv.c:51
51 if (!_XReply (dpy, (xReply *)&rep, 0, xFalse)) {
(gdb) up
#4 0x00a4144f in gdk_device_get_history ()
(gdb) down
#3 0x00c63c52 in XGetMotionEvents (dpy=0x1809e00, start=0, stop=0, w=0, nEvents=0xbfffe248) at GetMoEv.c:51
51 if (!_XReply (dpy, (xReply *)&rep, 0, xFalse)) {
(gdb) list
46 GetReq(GetMotionEvents, req);
47 req->window = w;
48 /* XXX is this right for all machines? */
49 req->start = start;
50 req->stop = stop;
51 if (!_XReply (dpy, (xReply *)&rep, 0, xFalse)) {
52 UnlockDisplay(dpy);
53 SyncHandle();
54 return (NULL);
55 }
This isn't horribly helpful, other than we see that the 'w' parameter to XGetMotionEvents is supposed to be a window, and it's being passed '0', which doesn't look right. If you continue the program in gdb and let it crash, the error message is:
The error was 'BadWindow (invalid Window parameter)'.
So, the problem seems to be that Window parameter.
Where to go from here? We need to figure out why gdk_device_get_history is calling XGetMotionEvents with w=0, but we have no debugging symbols. The next step will be finding a copy of the gdk source code, building it with debugging symbols, replacing the libgdk in the Gimp.app bundle, and repeating the above exercise.
I hope this proves helpful. Thanks for reading!
--