578660 – games-simulation/simutrans-0.120.0.1 buffer overflows

Bug 578660 - games-simulation/simutrans-0.120.0.1 buffer overflows

Summary: games-simulation/simutrans-0.120.0.1 buffer overflows

Status:	RESOLVED UPSTREAM

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Games (show other bugs)
Hardware:	AMD64 Linux

Importance:	Normal major (vote)
Assignee:	Gentoo Linux bug wranglers

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2016-03-31 05:43 UTC by David
Modified:	2016-04-05 21:43 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
simutrans debug output (simudebug,28.25 KB, text/plain) 2016-03-31 05:43 UTC, David	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description David 2016-03-31 05:43:45 UTC

Created attachment 429334 [details]
simutrans debug output

I am getting consistent buffer overflow crashes in simutrans. The crashes seem to always occur while I'm actively playing the game.  I've let it plug away running the simulation for a day or two with no crashes, but when I sit down to do any kind of updates, it crashes after a couple minutes to a couple hours.  For my longest run, I saved the game frequently, which seemed to extend the playing period, but it eventually crashed.  I then tried to reload the game, but that crashes with just scrolling the display.  Output of --debug 5 is attached.

BTW, I noticed that 120.1.3 is out, so maybe there is something in a version bump?

Comment 1 David 2016-04-01 04:45:54 UTC

Here is a backtrace from gdb...  

#0  0x00007ffff67a1d37 in raise () from /lib64/libc.so.6
#1  0x00007ffff67a2f89 in abort () from /lib64/libc.so.6
#2  0x00007ffff67dfdb1 in ?? () from /lib64/libc.so.6
#3  0x00007ffff6864d07 in __fortify_fail () from /lib64/libc.so.6
#4  0x00007ffff6862de0 in __chk_fail () from /lib64/libc.so.6
#5  0x00007ffff68622b9 in ?? () from /lib64/libc.so.6
#6  0x00007ffff67e2e40 in _IO_default_xsputn () from /lib64/libc.so.6
#7  0x00007ffff67b64cf in vfprintf () from /lib64/libc.so.6
#8  0x00007ffff6862348 in __vsprintf_chk () from /lib64/libc.so.6
#9  0x00007ffff68622a5 in __sprintf_chk () from /lib64/libc.so.6
#10 0x0000000000491130 in sprintf (__fmt=0x671b69 " %d ms", __s=0x277235a " 53687088") at /usr/include/bits/stdio2.h:34
#11 color_gui_t::draw (this=0x2770ee0, pos=..., size=...) at gui/display_settings.cc:607
#12 0x0000000000514214 in display_win (win=3) at gui/simwin.cc:901
#13 display_all_win () at gui/simwin.cc:934
#14 0x00000000005152e9 in win_display_flush (konto=6300281.4400000004) at gui/simwin.cc:1520
#15 0x00000000005fd3ec in intr_refresh_display (dirty=dirty@entry=false) at simintr.cc:77
#16 0x0000000000634d90 in karte_t::sync_step (this=0x104c830, delta_t=<optimized out>, sync=<optimized out>,
    display=display@entry=true) at simworld.cc:3927
#17 0x00000000005fd481 in interrupt_check (caller_info=caller_info@entry=0x686cf0 "0") at simintr.cc:104
#18 0x00000000005fd4ae in interrupt_check () at simintr.cc:84
#19 0x0000000000640912 in karte_t::interactive (this=this@entry=0x104c830, quit_month=quit_month@entry=2147483647)
    at simworld.cc:6908
#20 0x00000000006044c9 in simu_main (argc=argc@entry=4, argv=argv@entry=0x7fffffffde28) at simmain.cc:1280
#21 0x000000000060fdb7 in sysmain (argc=4, argv=0x7fffffffde28) at simsys.cc:721
#22 0x0000000000662b25 in main (argc=<optimized out>, argv=<optimized out>) at simsys_s.cc:710

Comment 2 Jonas Stein gentoo-dev

2016-04-05 21:43:44 UTC

Thank you for the report and the backtrace. 
To me it looks like a bug in the source (upstream), but not in the ebuild package. 

I suggest to try the latest version: 

games-simulation/simutrans-0.120.1.3
is available in gentoo already.

Is the bug fixed there?

If the bug is still open it could be reported to the simutrans developers.

I close the bug here, because I do not see a connection with gentoo.
Please give further information, if I am wrong.