Bug 1575624

Summary: crrcsim crashes on Fedora 28
Product: [Fedora] Fedora Reporter: Jan "Yenya" Kasprzak <kas>
Component: crrcsimAssignee: Damian Wrobel <dwrobel>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 28CC: dwrobel, kas, klaus.crusius
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
URL: https://sourceforge.net/p/crrcsim/bugs/41/
Whiteboard:
Fixed In Version: crrcsim-0.9.13-5.fc28 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-07-20 17:42:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
patch for std::vector usage none

Description Jan "Yenya" Kasprzak 2018-05-07 13:00:45 UTC 
Description of problem:
After upgrading to Fedora 28, I am no longer able to run crrcsim on my Fedora machines.

Version-Release number of selected component (if applicable):
crrcsim-0.9.13-4.fc28.x86_64
crrcsim-addon-models-0.2.0-10.fc28.noarch

How reproducible:
100%

Steps to Reproduce:
1. yum install crrcsim
2. crrcsim

Actual results (terminal output):
$ crrcsim 
Locale : en_US.utf8 Internal codeset: iso8859-15
CRRCsim 0.9.13 started at 2018-5-7 14:56:52
Running on Linux 4.16.5-300.fc28.x86_64
Using plib version 1.8.5
Compiled with SDL version 1.2.15
(Linked SDL version is 1.2.15)
Configured data path: /usr/share/crrcsim
Data file search path:
  .
  /home/kas/.crrcsim
  /usr/share/crrcsim
  /usr/local/share/games/crrcsim
  /usr/share/games/crrcsim
RAND_MAX = 2147483647
Configuration file is /home/kas/.crrcsim/crrcsim.xml
Configuration version is 2
T_Config: Setting location to scenery/davis-orig.xml, sky variant 0
Thermals: strength_mean=5.000000 strength_sigma=1.000000 radius_mean=70.000000 radius_sigma=10.000000
Thermals: density=0.000002 lifetime_mean=240.000000 lifetime_sigma=60.000000
Wind: 7.00 ft/s at 270.00 deg, turbulence (rel.) 1.0
std::string reconfigureInputMethod()
New input method: MOUSE
T_TX_Interface::T_TX_Interface
T_TX_InterfaceSoftware::T_TX_InterfaceSoftware(int method)
T_TX_Mixer::T_TX_Mixer()
int T_TX_InterfaceSoftware::init(SimpleXMLTransfer* config)
int T_TX_Interface::init(SimpleXMLTransfer* config)
T_TX_Mixer::init(cfg, child)
 <-- inputMethod.mouse
Loading mixer settings from inputMethod.mouse:
T_AxisMapper::init(cfg, child)
 <-- inputMethod.mouse
mapper set to radio type 6
Screen resolution : 1920 x 1200 
Loading default videomode from config...
Failed to setup videomode 800x600, fullscreen=0
Failed to setup videomode 800x600, fullscreen=0
Failed to setup videomode 640x480, fullscreen=0
Failed to setup videomode 800x600, fullscreen=0
Using the following rendering mode:
  Renderer:    AMD RV635 (DRM 2.50.0 / 4.16.5-300.fc28.x86_64, LLVM 6.0.0)
  Vendor:      X.Org
  GL version:  3.0 Mesa 18.0.1
  RGBA bpp:    8/8/8/0
  Depth bpp:   24
  Stencil bpp: 8
  Modelview stack: 1 / 32    Projection stack: 1 / 32
Opened audio device: 16 bit signed audio (mono) at 48000 Hz
/usr/include/c++/8/bits/stl_vector.h:932: std::vector<_Tp, _Alloc>::reference std::vector<_Tp, _Alloc>::operator[](std::vector<_Tp, _Alloc>::size_type) [with _Tp = short int; _Alloc = std::allocator<short int>; std::vector<_Tp, _Alloc>::reference = short int&; std::vector<_Tp, _Alloc>::size_type = long unsigned int]: Assertion '__builtin_expect(__n < this->size(), true)' failed.
Aborted (core dumped)

Expected results:
crrcsim should start and display its main window, as it used to do in f27.

Additional info:
I tried to downgrade crrcsim to f27 version, but it depends on f27 version of boost libs, so this was not possible without downgrading half of my system along :-)
Comment 1 Jan "Yenya" Kasprzak 2018-05-07 14:23:22 UTC 
I forgot to mention that I also tried to remove all additional models and sceneries I had installed, as well as my ~/.crrcsim. But it still behaves the same way.

I grabbed the F27 version of crrcsim (0.9.12-29), recompiled it using "rpmbuild --rebuild", installed, and tried to run it: It also crashes with the same assertion. So I think there is probably an older bug somewhere in crrcsim, which has only been made visible by a newly added assertion in STL or another C++ library.
Comment 2 Damian Wrobel 2018-05-08 08:32:28 UTC 
(In reply to Jan "Yenya" Kasprzak from comment #0)

> /usr/include/c++/8/bits/stl_vector.h:932: std::vector<_Tp,
> _Alloc>::reference std::vector<_Tp, _Alloc>::operator[](std::vector<_Tp,
> _Alloc>::size_type) [with _Tp = short int; _Alloc = std::allocator<short
> int>; std::vector<_Tp, _Alloc>::reference = short int&; std::vector<_Tp,
> _Alloc>::size_type = long unsigned int]: Assertion '__builtin_expect(__n <
> this->size(), true)' failed.
> Aborted (core dumped)

Having a full callstack would be helpful.
Comment 3 Jan "Yenya" Kasprzak 2018-05-08 14:09:02 UTC 
I ran debuginfo-install crrcsim, and then executed crrcsim inside gdb. The backtrace is this:

(gdb) where
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007ffff466d591 in __GI_abort () at abort.c:79
#2  0x000055555567ea82 in std::__replacement_assert (
    __condition=0x55555568cee0 "__builtin_expect(__n < this->size(), true)", 
    __function=<synthetic pointer>, __line=932, 
    __file=0x55555568cf10 "/usr/include/c++/8/bits/stl_vector.h")
    at /usr/include/c++/8/x86_64-redhat-linux/bits/c++config.h:2389
#3  std::vector<short, std::allocator<short> >::operator[] (__n=0, 
    this=<optimized out>) at /usr/include/c++/8/bits/stl_vector.h:932
#4  T_VariometerSound::init (this=<optimized out>, fmt=<optimized out>)
    at src/crrc_sound.cpp:337
#5  0x000055555567eff8 in T_VariometerSound::T_VariometerSound(SDL_AudioSpec*)
    () at src/crrc_sound.cpp:319
#6  0x00005555555937c9 in main () at src/crrc_main.cpp:733
#7  0x00007ffff466f1bb in __libc_start_main (main=0x5555555911a0 <main>, 
    argc=1, argv=0x7fffffffe728, init=<optimized out>, fini=<optimized out>, 
    rtld_fini=<optimized out>, stack_end=0x7fffffffe718)
    at ../csu/libc-start.c:308
#8  0x00005555555941ea in _start () at src/mod_mode/F3A/handlerF3A.cpp:782
(gdb) 

Feel free to ask for more information.
Comment 4 Jan "Yenya" Kasprzak 2018-07-04 14:13:46 UTC 
Created attachment 1456515 [details]
patch for std::vector usage

OK, I have finally got time to dig into this. The problem is apparently in C++ being a moving target. Apparently std::vector does not only need myvector.reserve(n) in order to be able to use myvector[0] to myvector[n-1], but the values should be added themselves.

With the attached patch I am able to run crrcsim on Fedora 28. I will try to submit it upstream as well, but since the upstream appears to be dormant, I kindly ask to build a new Fedora packages with this patch without waiting for upstream. Thanks!
Comment 5 Damian Wrobel 2018-07-10 18:34:29 UTC 
*** Bug 1580508 has been marked as a duplicate of this bug. ***
Comment 6 Fedora Update System 2018-07-10 19:17:07 UTC 
crrcsim-0.9.13-5.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-e77cd62005
Comment 7 Damian Wrobel 2018-07-10 19:19:41 UTC 
(In reply to Jan "Yenya" Kasprzak from comment #4)
> Created attachment 1456515 [details]
> patch for std::vector usage

Thank you for fixing it.
Comment 8 Fedora Update System 2018-07-11 23:43:05 UTC 
crrcsim-0.9.13-5.fc28 has been pushed to the Fedora 28 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-e77cd62005
Comment 9 Fedora Update System 2018-07-20 17:42:56 UTC 
crrcsim-0.9.13-5.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.