Bug 10739 - iceauth dumps core
Status: RESOLVED FIXED
Product: xorg
Classification: Unclassified
Component: App/other
Version: git
Hardware: Other All
Importance: medium normal
Assigned To: Xorg Project Team
Reported: 2007-04-24 07:06 UTC by didier
Modified: 2007-05-16 20:15 UTC
Description didier 2007-04-24 07:06:45 UTC
iceauth can dump a core in auth_initialize() if a signal is caught before iceauth_filename has been malloced.
Comment 1 Alan Coopersmith 2007-05-16 20:15:39 UTC
Yep - was able to trigger it by running on Solaris and using dtrace to fire a
signal in auth_initialize between the call to register_signals() and the malloc
of iceauth_filename.

Stack trace showed crash in:

program terminated by signal SEGV (no mapping at the fault address)
0xfef74e0f: IceUnlockAuthFile+0x0027:   repnz scasb  
Current function is auth_finalize
  726           IceUnlockAuthFile (iceauth_filename);
(dbx) where
  [1] IceUnlockAuthFile(0x0), at 0xfef74e0f 
=>[2] auth_finalize(), line 726 in "process.c"
  [3] die(sig = 1), line 501 in "process.c"
  [4] catchsig(sig = 1), line 523 in "process.c"
  [5] __sighndlr(0x1, 0x0, 0x8047860, 0x80534a0), at 0xfef1d39f 
  [6] call_user_handler(0x1, 0x0, 0x8047860), at 0xfef128ab 
  [7] sigacthandler(0x1, 0x0, 0x8047860, 0xf, 0x0, 0x0), at 0xfef12a52 
  ---- called from signal handler with signal 1 (SIGHUP) ------
  [8] auth_initialize(authfilename = 0x80681d0 "/.ICEauthority"), line 584 in "process.c"
  [9] main(argc = 1, argv = 0x8047af0), line 157 in "iceauth.c"

Adding a test for NULL filename before calling IceUnlockAuthFile cleared the
crash, but left the lock file behind. Moving the initialization of
authfilename to earlier in auth_initialize allowed the locks to be cleaned up
as well.

Committed fix to git master in commit 0022cf7baf11bccea0024d0dc8c1ecc37e46ef3d.
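
The ordering problem discussed in this report, as an added example that is not iceauth source and not the committed fix: a handler registered before the global filename is set either passes NULL to the unlock call or, with only a NULL test, leaves the lock behind. The names run_scenario and lock_name, the /tmp path, and raise(SIGUSR1) standing in for the dtrace-fired SIGHUP are assumptions, as is taking the lock before the filename copy (inferred from the lock file being left behind).

```c
/* Added example: models the ordering bug in this report; not iceauth source. */
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define CRASHED   1  /* cleanup would have passed NULL to the unlock call */
#define LOCK_LEFT 2  /* lock file still on disk after the handler ran */
static char name_buf[64];
static const char *volatile lock_name;   /* role of iceauth_filename */
static volatile sig_atomic_t guard_null, result;

/* Role of auth_finalize(), reached from the signal handler. */
static void on_signal(int sig)
{
    (void)sig;
    if (lock_name == NULL) {
        if (!guard_null)
            result |= CRASHED;   /* unguarded code dereferences NULL here */
        return;                  /* guarded code skips the unlock */
    }
    unlink(lock_name);           /* unlink() is async-signal-safe */
}

/* Deliver a signal inside the window; returns CRASHED/LOCK_LEFT bits. */
int run_scenario(int name_first, int with_guard)
{
    char path[64]; int fd;
    snprintf(path, sizeof path, "/tmp/iceauth-demo-%ld.lock", (long)getpid());
    unlink(path);
    lock_name = NULL; result = 0; guard_null = with_guard;
    if (name_first) { strcpy(name_buf, path); lock_name = name_buf; }
    signal(SIGUSR1, on_signal);          /* stands in for register_signals() */
    fd = open(path, O_CREAT | O_EXCL | O_WRONLY, 0600);  /* take the lock */
    if (fd >= 0) close(fd);
    raise(SIGUSR1);                      /* constructed: signal hits the window */
    if (!name_first) { strcpy(name_buf, path); lock_name = name_buf; }
    if (access(path, F_OK) == 0) result |= LOCK_LEFT;
    unlink(path);
    signal(SIGUSR1, SIG_DFL);
    return result;
}

int main(void)
{
    printf("%d %d %d\n", run_scenario(0, 0), run_scenario(0, 1), run_scenario(1, 1));
    return 0;
}
```

The first argument selects whether the filename is set before the handler is registered; the second enables the NULL test in the cleanup path.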