Bug#433809: enemylines3: SIGSEGV in strlen

Philipp Marek philipp at marek.priv.at
Thu Jul 19 15:06:59 UTC 2007


X-Reportbug-Version: 3.38
X-Debbugs-Cc: philipp at marek.priv.at
Package: enemylines3
Version: 1.2-4
Severity: important


Playing enemylines3 I get SIGSEGV in the third level (defend the base).

Here's a bit of data:


Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 47081701083632 (LWP 28847)]
0x00002ad20bdaa410 in strlen () from /lib/libc.so.6

(gdb) info stack
#0  0x00002ad20bdaa410 in strlen () from /lib/libc.so.6
#1  0x000000000041299f in ?? ()
#2  0x000000000040a715 in ?? ()
#3  0x0000000000414722 in ?? ()
#4  0x00000000004156a2 in ?? ()
#5  0x00002ad20bd4fb04 in __libc_start_main () from /lib/libc.so.6
#6  0x0000000000403eb9 in ?? ()
#7  0x00007fffa02f7988 in ?? ()
#8  0x0000000000000000 in ?? ()
(gdb) info registers
rax            0x0	0
rbx            0x0	0
rcx            0x0	0
rdx            0x907340	9466688
rsi            0x933560	9647456
rdi            0x0	0
rbp            0x8f12e0	0x8f12e0
rsp            0x7fffa02f7208	0x7fffa02f7208
r8             0xfefefefefefefeff	-72340172838076673
r9             0x3f800000	1065353216
r10            0x1	1
r11            0x2ad20cd68350	47081646883664
r12            0x8f13a0	9376672
r13            0x647fa0	6586272
r14            0xc3dc	50140
r15            0x7fffa02f73a0	140735880852384
rip            0x2ad20bdaa410	0x2ad20bdaa410 <strlen+48>
eflags         0x10246	[ PF ZF IF RF ]
cs             0x33	51
ss             0x2b	43
ds             0x0	0
es             0x0	0
fs             0x0	0
gs             0x0	0
fctrl          0x37f	895
fstat          0x20	32
ftag           0xffff	65535
fiseg          0x0	0
fioff          0x0	0
foseg          0x0	0
fooff          0x0	0
fop            0x0	0
mxcsr          0x1fa5	[ IE ZE PE IM DM ZM OM UM PM ]
(gdb) disas 0x412940 0x4129d0
Dump of assembler code from 0x412940 to 0x4129d0:
0x0000000000412940:	push   %r15
0x0000000000412942:	push   %r14
0x0000000000412944:	push   %r13
0x0000000000412946:	push   %r12
0x0000000000412948:	push   %rbp
0x0000000000412949:	push   %rbx
0x000000000041294a:	sub    $0x98,%rsp
0x0000000000412951:	callq  0x4061e0
0x0000000000412956:	test   %al,%al
0x0000000000412958:	jne    0x412ad7
0x000000000041295e:	cmpb   $0x0,2317387(%rip)        # 0x6485b0
0x0000000000412965:	je     0x412ad7
0x000000000041296b:	cmpb   $0x0,2317375(%rip)        # 0x6485b1
0x0000000000412972:	je     0x412b37
0x0000000000412978:	mov    2317345(%rip),%rbx        # 0x6485a0
0x000000000041297f:	movq   $0x647fb8,0x30(%rsp)
0x0000000000412988:	mov    $0x647fa0,%r13d
0x000000000041298e:	movq   $0x647fb8,0x20(%rsp)
0x0000000000412997:	mov    %rbx,%rdi

0x000000000041299a:	callq  0x403700 <strlen at plt>

0x000000000041299f:	mov    %rbx,%rsi
0x00000000004129a2:	mov    %rax,%rdx
0x00000000004129a5:	lea    0x30(%rsp),%rdi
0x00000000004129aa:	callq  0x403a40 <_ZNSs6assignEPKcm at plt>
0x00000000004129af:	callq  0x434800
0x00000000004129b4:	mov    %eax,0x4(%rsp)
0x00000000004129b8:	callq  0x4347f0
0x00000000004129bd:	mov    0x4(%rsp),%r14d
0x00000000004129c2:	lea    0x50(%rsp),%r15
0x00000000004129c7:	mov    %eax,0x8(%rsp)
0x00000000004129cb:	movl   $0x0,0x18(%rsp)
End of assembler dump.


%rdi is loaded from %rbx, which is set a few lines above from an address in the executable ... which is an empty string. How does that happen?


I'm available for further questions.



-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.21-2-amd64 (SMP w/1 CPU core)
Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages enemylines3 depends on:
ii  libc6                   2.6-2            GNU C Library: Shared libraries
ii  libcurl3                7.16.2-6         Multi-protocol file transfer libra
ii  libgcc1                 1:4.2-20070712-1 GCC support library
ii  libgl1-mesa-glx [libgl1 6.5.2-7          A free implementation of the OpenG
ii  libglu1-mesa [libglu1]  6.5.2-7          The OpenGL utility library (GLU)
ii  libsdl-mixer1.2         1.2.6-2          mixer library for Simple DirectMed
ii  libsdl-ttf2.0-0         2.0.8-3+b1       ttf library for Simple DirectMedia
ii  libsdl1.2debian         1.2.11-9         Simple DirectMedia Layer
ii  libstdc++6              4.2-20070712-1   The GNU Standard C++ Library v3
ii  ttf-bitstream-vera      1.10-7           The Bitstream Vera family of free 

enemylines3 recommends no packages.

-- no debconf information

-- 
Versioning your /etc, /home or even your whole installation?
             Try fsvs (fsvs.tigris.org)!
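The register dump in the report shows %rdi = 0 at the strlen frame, so the pointer loaded into %rbx from the data address 0x6485a0 and handed to strlen for std::string::assign(const char*, size_t) is a null pointer. The example below is added here and is not enemylines3 code: it reproduces that crash shape in C++ with a hypothetical global (g_level_message, constructed for the example) and shows the null check that turns the fault into a recoverable empty label.

```cpp
#include <cstring>
#include <string>

// Hypothetical stand-in for the global whose address (0x6485a0 in the
// disassembly) feeds %rbx: a raw C string pointer that level-setup code is
// expected to fill in. If a level path never sets it, it stays null.
const char* g_level_message = nullptr;  // constructed for this example

// The crashing shape. std::string::assign(const char*, size_t) needs the
// length up front, so the caller runs strlen on the raw pointer first.
// With a null pointer, strlen faults on its first byte read, which is
// exactly frame #0 in the report (strlen called from the game binary).
std::string label_unchecked(const char* p) {
    std::string s;
    s.assign(p, std::strlen(p));  // undefined behaviour / SIGSEGV when p == nullptr
    return s;
}

// Hardened form: a missing pointer becomes an empty label and the caller is
// told so, so it can log the bad level data instead of crashing.
struct LabelResult {
    std::string text;
    bool was_null;
};

LabelResult label_checked(const char* p) {
    if (p == nullptr) {
        return {std::string(), true};
    }
    return {std::string(p, std::strlen(p)), false};
}

// Simulates entering a level: earlier setup may or may not have set the
// message pointer, mirroring a level-specific path (here, "defend the base")
// that leaves the global untouched.
LabelResult enter_level(bool message_was_set) {
    g_level_message = message_was_set ? "defend the base" : nullptr;
    return label_checked(g_level_message);
}
```

Running label_unchecked on a null pointer reproduces the SIGSEGV in strlen; label_checked on the same input returns an empty string with was_null set.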



