"xauth generate" with large timeout triggers assertion

Hi cbane,

Thanks for including the attached files. Could you also include your /var/log/Xorg.0.log (or Xorg.0.log.old) from after reproducing the issue?

Please attach the output of `lspci -vvnn` too.

[This is an automated message. Apologies if it has reached you inappropriately; please just reply to this message indicating so.]

As I mentioned in the original report, there is no relevant data in the Xorg log file. However, I've gone ahead and attached the log file from an Xorg instance killed with this problem.

And here's the output from "lspci -vvnn".

This is not a problem with the NVidia graphics driver. If you look at the backtrace I provided, you can see that the assertion failure occurs within Xorg's security extension (Xext/security.c). Specifically, you can see the assertion failure message in the backtrace: "X: ../../Xext/security.c:322: SecurityAuthorizationExpired: Assertion `pAuth->timer == timer' failed." (entry #3 in the backtrace; the stuff that occurs after that is the implementation of the assertion failure).

Not obvious why the pointers are mismatched in this case and trigger the assert.
This bug report is worth sending upstream.

I just opened a new bug at Xorg's bugzilla earlier this afternoon. Here's the link: https://bugs.freedesktop.org/show_bug.cgi?id=27134

Thanks. The patch on the upstream bug report does not appear to have gone into the official tree, but it looks like a reasonably sane solution to me so I will include it in the lucid xserver.

[This is an automatic notification.]

Hi Courtney,

This bug was reported against an earlier version of Ubuntu, can you
test if it still occurs on Lucid?

Please note we also provide technical support for older versions of
Ubuntu, but not in the bug tracker. Instead, to raise the issue through
normal support channels, please see:

    http://www.ubuntu.com/support

If you are the original reporter and can still reproduce the issue on
Lucid, please run the following command to refresh the report:

  apport-collect 519049

If you are not the original reporter, please file a new bug report, so
we can work with you as the original reporter instead (you can reference
bug 519049 in your report if you think it may be related):

  ubuntu-bug xorg

If by chance you can no longer reproduce the issue on Lucid or if you
feel it is no longer relevant, please mark the bug report 'Fix Released'
or 'Invalid' as appropriate, at the following URL:

  https://bugs.launchpad.net/ubuntu/+bug/519049

I'm still able to reproduce this on Lucid; I've attached an updated backtrace from that. However, the apport-collect command isn't working for me. When I run it, it prints the line "Package xorg-server not installed and no hook available, ignoring" twice, and pops up a dialog that says "No additional information collected."

This bug was fixed in the package xorg-server - 2:1.8.1.901-1ubuntu1

---------------
xorg-server (2:1.8.1.901-1ubuntu1) maverick; urgency=low

  [ Timo Aaltonen ]
  * Merged from Debian experimental, remaining changes:
    - rules, control:
      + Disable SELinux, libaudit-dev is not in main yet (LP 406226).
        Drop libaudit-dev from build-deps.
    - rules: Enable xcsecurity (LP 247537).
    - local/xvfb-run*: Add correct docs about error codes (LP 328205)
    - rules: Add --with-extra-module-dir to support GL alternatives.
    - control: Xvfb depends on xauth, x11-xkb-utils, recommends
      libgl1-mesa-dri. (LP 500102)
    - rules, local/64-xorg-xkb.rules: Don't use keyboard-configuration
      until it's available.
    - debian/patches:
      + 100_rethrow_signals.patch:
        When aborting, re-raise signals for apport
      + 109_fix-swcursor-crash.patch:
        Avoid dereferencing null pointer while reloading cursors during
        resume. (LP 371405)
      + 111_armel-drv-fallbacks.patch:
        Add support for armel driver fallbacks.
      + 121_only_switch_vt_when_active.diff:
        Add a check to prevent the X server from changing the VT when killing
        GDM from the console.
      + 122_xext_fix_card32_overflow_in_xauth.patch:
      + 157_check_null_modes.patch, 162_null_crtc_in_rotation.patch,
        166_nullptr_xinerama_keyrepeat.patch, 167_nullptr_xisbread.patch
        169_mipointer_nullptr_checks.patch,
        172_cwgetbackingpicture_nullptr_check.patch:
        Fix various segfaults in xserver by checking pointers for NULL
        values before dereferencing them.
      + 165_man_xorg_conf_no_device_ident.patch
        Correct man page
      + 168_glibc_trace_to_stderr.patch:
        Report abort traces to stderr instead of terminal
      + 184_virtual_devices_autodetect.patch:
        Use vesa for qemu device, which is not supported by cirrus
      + 187_edid_quirk_hp_nc8430.patch:
        Quirk for another LPL monitor (LP 380009)
      + 188_default_primary_to_first_busid.patch:
        Pick the first device and carry on (LP 459512)
      + 189_xserver_1.5.0_bg_none_root.patch:
        Create a root window with no background.
      + 190_cache-xkbcomp_output_for_fast_start_up.patch:
        Cache keyboard settings.
      + 191-Xorg-add-an-extra-module-path.patch:
        Add support for the alternatives module path.
      + 196_xvfb-fbscreeninit-handling.patch, 197_xvfb-randr.patch:
        Adds xrandr support to xvfb. (LP 516123)
      + 198_nohwaccess.patch:
        Adds a -nohwaccess argument to make X not access the hardware
        ports directly.
      + 200_randr-null.patch:
        Clarify a pointer initialization.
  * Dropped patches:
    - 106_nouveau_autodetect.patch: obsoleted by 15-nouveau.diff
    - 112_xaa-fbcomposite-fix-negative-size.patch: adopted by Debian
    - 113_quell_nouveau_aiglx.patch: obsoleted by 15-nouveau.diff
    - 115_xext_fix_cursor_ref_counting.patch: merged upstream
    - 116_fix_typos_in_swap_functions.patch: merged upstream
    - 118_xkb_fix_garbage_init.patch: merged upstream
    - 123_exa_sys_ptr_nullpointer_check.patch: merged upstream
    - 199_xfvb-help-typo.patch...

Accepted xorg-server into lucid-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Tested in Kubuntu. After installing the version from proposed, running the command no longer crashes X.

This bug was fixed in the package xorg-server - 2:1.7.6-2ubuntu7.1

---------------
xorg-server (2:1.7.6-2ubuntu7.1) lucid-proposed; urgency=low

  [Bryce Harrington]
  * Add 123_exa_sys_ptr_nullpointer_check.patch: Patch from upstream to
    verify a pointer is not NULL before dereferencing it. Fixes X
    segfault in miCopyRegion which occurs while using firefox (e.g. typing
    into fields in AOL). Issue found by Jerry Lamos.
    (LP: #539772)
  * Add 19-exa-handle-pixmap-create-destroy-in-lower-layers.diff: Patch
    from Debian to fix X segfault on mouse click in xfig, when pixmaps
    are created in the course of software fallbacks.
    (LP: #553647)
  * debian/rules: Don't reference the package uploader for support; instead point
    users to the standard Ubuntu support page.
    (LP: #589811)

  [Martin Pitt]
  * debian/local/64-xorg-xkb.rules: Ignore XKBMODEL=="SKIP" and
    XKBVARIANT=="U.S. English", which happen to get into
    /etc/default/console-setup in some cases like the VMWare automatic
    installer.
    (LP: #548891)

  [ Christopher James Halse Rogers ]
  * Update 122_xext_fix_card32_overflow_in_xauth.patch to most recent version
    on patchwork tracker. This one actually fixes the crash with xauth
    generate (LP: #519049)
 -- Christopher James Halse Rogers <email address hidden> Mon, 07 Jun 2010 12:56:54 +1000