iceauth can dump a core in auth_initialize() if a signal is caught before iceauth_filename has been malloced.
Yep - was able to trigger it by running on Solaris and using dtrace to fire a signal in auth_initialize between the call to register_signals() and the malloc of iceauth_filename. Stack trace showed crash in:

program terminated by signal SEGV (no mapping at the fault address)
0xfef74e0f: IceUnlockAuthFile+0x0027: repnz scasb
Current function is auth_finalize
  726   IceUnlockAuthFile (iceauth_filename);
(dbx) where
  [1] IceUnlockAuthFile(0x0), at 0xfef74e0f
=>[2] auth_finalize(), line 726 in "process.c"
  [3] die(sig = 1), line 501 in "process.c"
  [4] catchsig(sig = 1), line 523 in "process.c"
  [5] __sighndlr(0x1, 0x0, 0x8047860, 0x80534a0), at 0xfef1d39f
  [6] call_user_handler(0x1, 0x0, 0x8047860), at 0xfef128ab
  [7] sigacthandler(0x1, 0x0, 0x8047860, 0xf, 0x0, 0x0), at 0xfef12a52
  ---- called from signal handler with signal 1 (SIGHUP) ------
  [8] auth_initialize(authfilename = 0x80681d0 "/.ICEauthority"), line 584 in "process.c"
  [9] main(argc = 1, argv = 0x8047af0), line 157 in "iceauth.c"

Adding a test for NULL filename before calling IceUnlockAuthFile cleared the crash, but left the lock file behind. Moving the initialization of authfilename to earlier in auth_initialize allowed the locks to be cleaned up as well.

Committed fix to git master in commit 0022cf7baf11bccea0024d0dc8c1ecc37e46ef3d.