zsnes crashes with buffer overflow on startup

This version works though:
http://board.zsnes.com/phpBB2/viewtopic.php?t=11513

I can confirm this. Importance should be set to critical when noone can use zsnes.

It crashes on my too on alpha 6 and the daily live build of 9/23

Crash here too.
The ZSNES version that Tanath links works good... I think it is important to update the package to this version, as the current one is not working at all.

Crash in Ubuntu Intrepid Beta with all updates

I have looked into this issue today.
The diff between 1.51 and 1.51b (Tanaths link) is very small. There are only the same fixes for gcc 4.3 which are also in the Ubuntu package und a fix for libao threads.

1.51b crashes for me too, if I compile it with the same settings as the Ubuntu package.
It works if I compile it with --enable-debug and --enable-debbuger and without --enable-release. Very strange.

http://launchpadlibrarian.net/15332596/zsnes_1.510b-1%7Etimo2_i386.deb

This package works in Intrepid Beta.

That package that was just posted doesn't work for me at all,
unfortunately. It segfaults upon launch.

jfreak0126 wrote:
> http://launchpadlibrarian.net/15332596/zsnes_1.510b-1%7Etimo2_i386.deb
>
> This package works in Intrepid Beta.
>
> ** Attachment added: "zsnes_1.510b-1~timo2_i386.deb"
> http://launchpadlibrarian.net/18358430/zsnes_1.510b-1%7Etimo2_i386.deb
>
>

I forgot to mention, I'm using 64-bit here. With every version of Ubuntu I've ever tried, I could install zsnes with force-architecture and it would always run fine. Now in Intrepid, it will either segfault or have a buffer error.

I'll be happy to test a patched 32-bit package on my 64-bit system. The one that was posted in the comment above my previous one segfaults in 64-bit.

I added some printfs to see where it crashes.
It crashes in zstart() in ui.c when trying to asm_call(init) which you can find in init.asm.
My assembler knowledge isn't very good but I hope that helps the triagers.

Seems to be a bug in the ubuntu gcc-4.3:
http://board.zsnes.com/phpBB2/viewtopic.php?t=12093

I installed the debian sid package and zsnes works fine.

I compiled zsnes with ubuntu gcc-4.2 and it doesn't crash anymore when starting it.

Can someone else test it?

$ apt-get source zsnes
# edit debian/rules and add CC=gcc-4.2 before the ./configure stuff.
$ dpkg-buildpackage -rfakeroot

If we don't find the bug in gcc we should compile zsnes with gcc-4.2 as a workaround.

can confirm the bug on the current intrepid update state.
compiling from source with gcc 4.3 does not work so fluently. the code has to be modified to match the gcc 4.3 specifications.

the versions from http://board.zsnes.com/phpBB2/viewtopic.php?t=11513 work unbelievably unperformant.
tested both, generic 586 and core2 (native architecture)

so how about modding the code to gcc 4.3 and making a compile?

sorry, the post says the newest source compiles with gcc 4.3
maybe check out their svn?

I have uploaded a version of zsnes compiled with gcc-4.2 to my ppa:
https://launchpad.net/~sroecker/+archive

It worked for me on i486 but crashed on amd64.

I've been using the version of Zsnes that I attached to this message. I'm not sure where it came from, or what's special about it, but it works on both 32-bit and 64-bit Intrepid (with the right libraries) perfectly. I've had it saved on my hard drive for a VERY long time. (Over a year). You guys can try it out.

Thanks Jeremy, the package you've shared works just fine for me. (I'm on Intrepid RC1)

I realy dont get it to compile in intrepid. The package http://launchpadlibrarian.net/18798999/zsnes_1.510-0ubuntu1_i386.deb works though but the update-manager wants to upgrade it to the one that don't. Downgrade in repository?

i can confirm that this bug still exists in the final version of intrepid

I can confirm that too... if i run it (installed form the easy menu) i won't run

Third confirmation, I'm getting the same thing.

Steffens Package from 2008-10-22 works like a charm here.
Don't know about any 64-bit issues though, using 32 bit here.

I guess a 4.2 recompile is a better solution than taking some 3rd party packages where nobody knows where they came from...
I agree that this is just a workaround. Maybe someone who tried compiling ZSNES with GCC 4.3 should open a new bug report, in the meantime a working 4.2 ZSNES package could be put into the repository (and this one be closed).

> Maybe someone who tried compiling ZSNES with GCC 4.3 should open a new bug report

A new bug report for GCC not ZSNES, that is.

I'm also getting the buffer overflow problem. Installed zsnes from Add/Remove on Ubuntu 8.10 32-bit.

Got the same problem in Intrepid final, Jeremy LaCroix's compile solved it.

this bug isnt assigned to anyone. who is package maintainer of zsnes?
has zsnes to be compiled with gcc 4.3 to be in the repo? when will the repo be updated?

Just want to confirm this bug with the latest updated build of Ubuntu 8.10 Intrepid for 11/19/2008. Attached is an example of the terminal output.

Also, I just want to confirm that the package located http://launchpadlibrarian.net/18798999/zsnes_1.510-0ubuntu1_i386.deb works just fine and also synpatic tries to update the package.

Also crashes with buffer overflow for me on Jaunty Alpha with all updates applied.

Compiling using the following commands allows successful run:
super@nobu-laptop:~$ sudo CC=gcc-4.2 apt-get source --build zsnes

Command line (crash) output attached.

Will this ever be fixed?
This bug is a total disgrace!

I also have this bug.

any chance of an official fix?

can confirm bug reported by tanath.

i have and amd64 processor but i run 32-bit intrepid on it.
the crash dump i get is simmilar.

steffen röckers package works for me btw.

Can confirm that http://launchpadlibrarian.net/18798999/zsnes_1.510-0ubuntu1_i386.deb works perfectly fine, however, it is considered a "downgrade".

$ sudo dpkg --install zsnes_1.510-0ubuntu1_i386.deb
dpkg - warning: downgrading zsnes from 1.510-2.1ubuntu1 to 1.510-0ubuntu1.
(Reading database ... 192706 files and directories currently installed.)
Preparing to replace zsnes 1.510-2.1ubuntu1 (using zsnes_1.510-0ubuntu1_i386.deb) ...
Unpacking replacement zsnes ...
Setting up zsnes (1.510-0ubuntu1) ...

Processing triggers for man-db ...
Processing triggers for menu ...
Processing triggers for doc-base ...
Processing 1 removed doc-base file(s)...
Registering documents with scrollkeeper...

Same bug occurs on 64-bit Intrepid. However, when built on 64-bit intrepid with "CC=gcc-4.2" the problem is resolved, only to be met with a segmentation fault.

Should I file a separate bug for the seg-fault?

I can confirm the bug too. I get the same output as everyone else.

Also using Jeremy's version. Uninstall zsnes, then install his package.
You might want to lock the version of the package using Synaptic as well.

I'm glad my package is working for you guys. I seriously don't remember
where I got it though. I just downloaded it a long time ago and have
been using it with every Ubuntu release ever sense.

Motin wrote:
> Also using Jeremy's version. Uninstall zsnes, then install his package.
> You might want to lock the version of the package using Synaptic as well.
>

I didn't know if this would help anyone or not since I don't know anything about coding and stuff,but if it worked previously, did something happen between then and now?
Anyway here is a link to somewhere... http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=474804
Debian Bug report logs - #474804
zsnes: FTBFS: tools/strutil.h:34: error: 'strncasecmp' was not declared in this scope

Maybe when they fixed this something happened? Not sure.

opps, wrong link and info, https://bugs.launchpad.net/ubuntu/+source/zsnes/+bug/238671

Version 1.510-2.1ubuntu1:

  * Merge from debian unstable, remaining changes (LP: #238671):
    - Add dh_desktop call to debian/rules.
    - Build amd64 package on Ubuntu
    - New .desktop file.
    - Fix some inaccuracies in debian/control file.
    - Change maintainership to Ubuntu MOTU team due to local changes,
      and follow DebianMaintainer spec.

Maybe when they fixed this something happened? Not sure.

I can confirm the bug. Jeremy's package works. Compiling under gcc-4.2 works.

Running Intrepid x86

I am also using http://launchpadlibrarian.net/18798999/zsnes_1.510-0ubuntu1_i386.deb

The problem is an interaction between the uncommon (to put it mildly) way zsnes calls memcpy to restore its global state from the "regsbackup" buffer, and _FORTIFY_SOURCE:

gcc -ggdb3 -pipe -I. -I/usr/local/include -I/usr/include -D__UNIXSDL__ -I/usr/include/SDL -D_GNU_SOURCE=1 -D_REENTRANT -DNO_DEBUGGER -D__LIBAO__ -D__OPENGL__ -march=i486 -O3 -fomit-frame-pointer -fprefetch-loop-arrays -fforce-addr -s -D__RELEASE__ -o initc.o -c initc.c
[...]
In function ‘memcpy’,
    inlined from ‘powercycle’ at initc.c:2624:
/usr/include/bits/string3.h:52: warning: call to __builtin___memcpy_chk will always overflow destination buffer

The corresponding block of code is:

    sramsavedis = 0;
    memcpy(&sndrot, regsbackup, 3019);

And the declaration for the relevant variables, from the same file:

extern unsigned char NextLineCache, sramsavedis, sndrot, regsbackup[3019];

The reason this strange memcpy call will always work correctly is that the storage for sndrot and the rest of the state variables is allocated in assembly (cpu/regs.inc, included from cpu/table.asm), in a way which guarantees that all the correct variables will be sequential in memory, with no padding (sndrot is just the first variable on that block). However, gcc cannot know that; it sees instead an attempt to write 3019 bytes to a single byte-sized variable, which will obviously overflow (and, in fact, overflowing is precisely the desired behaviour!).

The easiest way to fix this is to disable the extra security checks (via -D_FORTIFY_SOURCE=0). There might be other places which use that unusual "design pattern", so simply fixing that memcpy call might not be enough.

zsnes (1.510-2.1ubuntu2) intrepid; urgency=low

  * Fix crash on startup:
    - Compile without FORTIFY_SOURCE.
  * Update Standards-Version to 3.8.0.
  * Fix obsolete build-depends:
    - Changed xutils for x11-utils.
    - Changed xlibmesa-gl-dev for libgl1-mesa-dev.
  * Modify zsnes.desktop:
    - Exec=zsnes -ad sdl, make sound works well.

 -- Allisson Azevedo <email address hidden> Tue, 06 Jan 2009 20:19:18 -0300

I dropped the build-depend and standards changes; they didn't make sense to me. Thanks for the debdiff! It should be trivial to get this uploaded to proposed for intrepid as well.

This bug was fixed in the package zsnes - 1.510-2.1ubuntu2

---------------
zsnes (1.510-2.1ubuntu2) jaunty; urgency=low

  * debian/rules:
    - Compile without _FORTIFY_SOURCE (LP: #250425).
  * zsnes.desktop:
    - Use "-ad sdl", for better sound overall.

 -- Allisson Azevedo <email address hidden> Tue, 06 Jan 2009 20:19:18 -0300

Will this be uploaded to intrepid? The package currently in intrepid is unusable, so having this bug fixed in it too would be a good thing.

I uploaded it to intrepid-proposed already; it is waiting for archive-admin approval. (I'm following: https://wiki.ubuntu.com/StableReleaseUpdates#Procedure )

Accepted into intrepid-proposed, please test and give feedback here. Please see https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

I have followed instructions to enable proposed packages but I still cannot get zsnes (1.510-2.1ubuntu2), maybe because my italian archive mirror only has 1.510-2.1ubuntu1?

I can confirm http://archive.ubuntu.com/ubuntu/pool/universe/z/zsnes/zsnes_1.510-2.1ubuntu1.1_i386.deb works on i386 and http://archive.ubuntu.com/ubuntu/pool/universe/z/zsnes/zsnes_1.510-2.1ubuntu1.1_amd64.deb works on AMD64 (does not crash on startup on both, very lightly tested on i386).

The sound seems to work only with -ad sdl (I tested from the command line, not from the menu item which now has -ad sdl).

Since the crash was on startup, I would say this bug is fixed on that i386 package (the AMD64 package did not exist, see bug 184255).

This bug was fixed in the package zsnes - 1.510-2.1ubuntu1.1

---------------
zsnes (1.510-2.1ubuntu1.1) intrepid-proposed; urgency=low

  * debian/rules:
    - Compile without _FORTIFY_SOURCE (LP: #250425).
  * zsnes.desktop:
    - Use "-ad sdl", for better sound overall.

 -- Allisson Azevedo <email address hidden> Tue, 06 Jan 2009 20:19:18 -0300

Great work!

i can confirm that this version works
http://board.zsnes.com/phpBB2/viewtopic.php?t=11513

thanks tanath
i'm searching for a working version