iceauth can dump a core in auth_initialize() if a signal is caught before iceauth_filename has been malloced.
Yep - was able to trigger it by running on Solaris and using dtrace to fire a signal in auth_initialize between the call to register_signals() and the malloc of iceauth_filename. Stack trace showed crash in: program terminated by signal SEGV (no mapping at the fault address) 0xfef74e0f: IceUnlockAuthFile+0x0027: repnz scasb Current function is auth_finalize 726 IceUnlockAuthFile (iceauth_filename); (dbx) where [1] IceUnlockAuthFile(0x0), at 0xfef74e0f =>[2] auth_finalize(), line 726 in "process.c" [3] die(sig = 1), line 501 in "process.c" [4] catchsig(sig = 1), line 523 in "process.c" [5] __sighndlr(0x1, 0x0, 0x8047860, 0x80534a0), at 0xfef1d39f [6] call_user_handler(0x1, 0x0, 0x8047860), at 0xfef128ab [7] sigacthandler(0x1, 0x0, 0x8047860, 0xf, 0x0, 0x0), at 0xfef12a52 ---- called from signal handler with signal 1 (SIGHUP) ------ [8] auth_initialize(authfilename = 0x80681d0 "/.ICEauthority"), line 584 in "process.c" [9] main(argc = 1, argv = 0x8047af0), line 157 in "iceauth.c" Adding a test for NULL filename before calling IceUnlockAuthFile cleared the crash, but left the lock file behind. Moving the initialization of authfilename to earlier in auth_initialize allowed the locks to be cleaned up as well. Committed fix to git master in commit 0022cf7baf11bccea0024d0dc8c1ecc37e46ef3d.
bug/show.html.tmpl processed on Sep 30, 2016 at 03:18:25. (provided by the Example extension).