gnome-shell crashed with SIGSEGV in ___vsnprintf_chk()

StacktraceTop:
 ___vsnprintf_chk (s=0x0, maxlen=<optimized out>, flags=1, slen=<optimized out>, format=0x7f1fe54ccae5 "%s%s", args=args@entry=0x7f1fce502da8) at vsnprintf_chk.c:55
 ___snprintf_chk (s=<optimized out>, maxlen=<optimized out>, flags=flags@entry=1, slen=slen@entry=18446744073709551615, format=format@entry=0x7f1fe54ccae5 "%s%s") at snprintf_chk.c:34
 snprintf (__fmt=0x7f1fe54ccae5 "%s%s", __n=<optimized out>, __s=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/stdio2.h:64
 XauFileName () at ../AuFileName.c:83
 XauGetBestAuthByAddr (family=256, address_length=5, address=0x7f1fce502f80 "phhug", number_length=4, number=0x7f1fce502f50 "1024", types_length=2, types=0x7f1fecc671a0 <authnames>, type_lengths=0x7f1fecc67198 <authnameslen>) at ../AuGetBest.c:74

Status changed to 'Confirmed' because the bug affects multiple users.

Seems the problems stopped around gnome-shell 3.34.

It looks like this was the issue:

https://gitlab.freedesktop.org/xorg/lib/libxau/-/commit/987fee49dc1750082cfe6e24833379233777a13b

I've sponsored the debdiff to bionic's queue

Hello BavarianPH, or anyone else affected,

Accepted libxau into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/libxau/1:1.0.8-1ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

All autopkgtests for the newly accepted libxau (1:1.0.8-1ubuntu1) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:

plasma-workspace/4:5.12.9-0ubuntu0.1 (armhf)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html#libxau

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

the test got retried and is green now

OK then. Just needs sanity checking. Which means I need to build a bionic machine.

I've now verified libxau version 1:1.0.8-1ubuntu1 works on bionic (amd64). There's no test case other than that.

This bug was fixed in the package libxau - 1:1.0.8-1ubuntu1

---------------
libxau (1:1.0.8-1ubuntu1) bionic; urgency=medium

  * Add debian/patches/fix-lp1559650.patch to fix a common segfault in
    ___vsnprintf_chk() that's crashing gnome-shell (LP: #1559650)

 -- Daniel van Vugt <email address hidden> Tue, 21 Apr 2020 15:33:06 +0800

The verification of the Stable Release Update for libxau has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.