Bug 1416197

Summary: [abrt] freeorion: std::__throw_length_error(): freeorion killed by SIGABRT
Product: [Fedora] Fedora Reporter: Peter "Pessoft" Kolínek <pessoft>
Component: freeorionAssignee: Link Dupont <link>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 25CC: cheese, link
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
URL: https://retrace.fedoraproject.org/faf/reports/bthash/b027bda23b3aa9bfc3ba8f38e794d86bd5925756
Whiteboard: abrt_hash:9bf8c1190a277f10b60574a12327b60277b18e2e;VARIANT_ID=workstation;
Fixed In Version: freeorion-0.4.6-7.fc25 freeorion-0.4.6-7.fc24 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-02-09 20:24:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: backtrace
none
File: cgroup
none
File: core_backtrace
none
File: dso_list
none
File: limits
none
File: maps
none
File: mountinfo
none
File: namespaces
none
File: proc_pid_status
none
File: var_log_messages none

Description Peter "Pessoft" Kolínek 2017-01-24 20:33:31 UTC 
Description of problem:
Steps to Reproduce:
1. Build Outpost ship
2. Deploy the outpost on some planet
3. Click on pull-down icon in outpost detail window ( prod/research/trade/supply where all 4 values are 0 )

Actual results:
SIGABRT

Expected results:
Open pull-down window

Version-Release number of selected component:
freeorion-0.4.6-5.fc25

Additional info:
reporter:       libreport-2.8.0
backtrace_rating: 4
cmdline:        freeorion
crash_function: std::__throw_length_error
environ:        
executable:     /usr/bin/freeorion
global_pid:     24740
kernel:         4.9.4-201.fc25.x86_64
open_fds:       
pkg_fingerprint: 4089 D8F2 FDB1 9C98
pkg_vendor:     Fedora Project
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #6 std::__throw_length_error at ../../../../../libstdc++-v3/src/c++11/functexcept.cc:86
 #7 std::vector<float, std::allocator<float> >::reserve at /usr/include/c++/6.3.1/bits/vector.tcc:69
 #8 GG::GLClientAndServerBufferBase<float>::reserve at /usr/src/debug/src-tarball/GG/src/GLClientAndServerBuffer.cpp:63
 #9 MultiMeterStatusBar::Render at /usr/src/debug/src-tarball/UI/MultiMeterStatusBar.cpp:131
 #10 GG::GUI::RenderWindow at /usr/src/debug/src-tarball/GG/src/GUI.cpp:1559
 #15 GG::GUI::Render at /usr/src/debug/src-tarball/GG/src/GUI.cpp:1651
 #16 GG::EventPumpBase::LoopBody at /usr/src/debug/src-tarball/GG/src/EventPump.cpp:75
 #17 GG::ModalEventPump::operator() at /usr/src/debug/src-tarball/GG/src/EventPump.cpp:108
 #18 GG::SDLGUI::Run at /usr/src/debug/src-tarball/GG/src/SDL/SDLGUI.cpp:874
 #19 mainSetupAndRun at /usr/src/debug/src-tarball/client/human/chmain.cpp:284
Comment 1 Peter "Pessoft" Kolínek 2017-01-24 20:33:39 UTC 
Created attachment 1244075 [details]
File: backtrace
Comment 2 Peter "Pessoft" Kolínek 2017-01-24 20:33:40 UTC 
Created attachment 1244076 [details]
File: cgroup
Comment 3 Peter "Pessoft" Kolínek 2017-01-24 20:33:43 UTC 
Created attachment 1244077 [details]
File: core_backtrace
Comment 4 Peter "Pessoft" Kolínek 2017-01-24 20:33:47 UTC 
Created attachment 1244078 [details]
File: dso_list
Comment 5 Peter "Pessoft" Kolínek 2017-01-24 20:33:49 UTC 
Created attachment 1244079 [details]
File: limits
Comment 6 Peter "Pessoft" Kolínek 2017-01-24 20:33:53 UTC 
Created attachment 1244080 [details]
File: maps
Comment 7 Peter "Pessoft" Kolínek 2017-01-24 20:33:54 UTC 
Created attachment 1244081 [details]
File: mountinfo
Comment 8 Peter "Pessoft" Kolínek 2017-01-24 20:33:57 UTC 
Created attachment 1244082 [details]
File: namespaces
Comment 9 Peter "Pessoft" Kolínek 2017-01-24 20:33:59 UTC 
Created attachment 1244083 [details]
File: proc_pid_status
Comment 10 Peter "Pessoft" Kolínek 2017-01-24 20:34:01 UTC 
Created attachment 1244084 [details]
File: var_log_messages
Comment 11 Link Dupont 2017-02-02 05:14:02 UTC 
*** Bug 1412831 has been marked as a duplicate of this bug. ***
Comment 12 Link Dupont 2017-02-02 07:25:02 UTC 
I tracked this down to GG/src/GLClientAndServerBuffer.cpp:63. There is a call (UI/MultiMeterStatusBar.cpp:131) to this function (GLClientAndServerBuffer::reserve) that passes a signed int -1. vector::reserve accepts a type size_type, which is an unsigned int. This signed -1 gets implicitly cast to an unsigned int and overflows, so vector::reserve is actually trying to allocate 18446744073709551615. This throws the length_error since it's larger than max_size() (4611686018427387903).

(lldb) p bar_verts.b_data.max_size()
(size_type) $5 = 4611686018427387903
(lldb) p (size_type) num_segments - 1
(unsigned long) $6 = 18446744073709551615

This looks like an upstream bug. I'll construct a patch and submit a bug report to upstream.
Comment 13 Fedora Update System 2017-02-06 21:37:26 UTC 
freeorion-0.4.6-7.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-1af933c890
Comment 14 Fedora Update System 2017-02-06 21:37:33 UTC 
freeorion-0.4.6-7.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2017-8fd19d638c
Comment 15 Fedora Update System 2017-02-08 02:48:13 UTC 
freeorion-0.4.6-7.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-8fd19d638c
Comment 16 Fedora Update System 2017-02-09 09:19:52 UTC 
freeorion-0.4.6-7.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-1af933c890
Comment 17 Fedora Update System 2017-02-09 20:24:30 UTC 
freeorion-0.4.6-7.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.
Comment 18 Fedora Update System 2017-02-09 20:50:42 UTC 
freeorion-0.4.6-7.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.