1416197 – [abrt] freeorion: std::__throw_length_error(): freeorion killed by SIGABRT

Bug 1416197 - [abrt] freeorion: std::__throw_length_error(): freeorion killed by SIGABRT

Summary: [abrt] freeorion: std::__throw_length_error(): freeorion killed by SIGABRT

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	freeorion
Sub Component:
Version:	25
Hardware:	x86_64
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Link Dupont
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:	https://retrace.fedoraproject.org/faf...
Whiteboard:	abrt_hash:9bf8c1190a277f10b60574a1232...
Duplicates (1):	1412831 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-01-24 20:33 UTC by Peter "Pessoft" Kolínek
Modified:	2017-02-09 20:50 UTC (History)
CC List:	2 users (show)
Fixed In Version:	freeorion-0.4.6-7.fc25 freeorion-0.4.6-7.fc24
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-02-09 20:24:30 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
File: backtrace (8.29 KB, text/plain) 2017-01-24 20:33 UTC, Peter "Pessoft" Kolínek	no flags	Details
File: cgroup (242 bytes, text/plain) 2017-01-24 20:33 UTC, Peter "Pessoft" Kolínek	no flags	Details
File: core_backtrace (6.09 KB, text/plain) 2017-01-24 20:33 UTC, Peter "Pessoft" Kolínek	no flags	Details
File: dso_list (8.35 KB, text/plain) 2017-01-24 20:33 UTC, Peter "Pessoft" Kolínek	no flags	Details
File: limits (1.29 KB, text/plain) 2017-01-24 20:33 UTC, Peter "Pessoft" Kolínek	no flags	Details
File: maps (91.38 KB, text/plain) 2017-01-24 20:33 UTC, Peter "Pessoft" Kolínek	no flags	Details
File: mountinfo (3.96 KB, text/plain) 2017-01-24 20:33 UTC, Peter "Pessoft" Kolínek	no flags	Details
File: namespaces (102 bytes, text/plain) 2017-01-24 20:33 UTC, Peter "Pessoft" Kolínek	no flags	Details
File: proc_pid_status (1.12 KB, text/plain) 2017-01-24 20:33 UTC, Peter "Pessoft" Kolínek	no flags	Details
File: var_log_messages (640 bytes, text/plain) 2017-01-24 20:34 UTC, Peter "Pessoft" Kolínek	no flags	Details
View All

Description Peter "Pessoft" Kolínek 2017-01-24 20:33:31 UTC

Description of problem:
Steps to Reproduce:
1. Build Outpost ship
2. Deploy the outpost on some planet
3. Click on pull-down icon in outpost detail window ( prod/research/trade/supply where all 4 values are 0 )

Actual results:
SIGABRT

Expected results:
Open pull-down window

Version-Release number of selected component:
freeorion-0.4.6-5.fc25

Additional info:
reporter:       libreport-2.8.0
backtrace_rating: 4
cmdline:        freeorion
crash_function: std::__throw_length_error
environ:        
executable:     /usr/bin/freeorion
global_pid:     24740
kernel:         4.9.4-201.fc25.x86_64
open_fds:       
pkg_fingerprint: 4089 D8F2 FDB1 9C98
pkg_vendor:     Fedora Project
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #6 std::__throw_length_error at ../../../../../libstdc++-v3/src/c++11/functexcept.cc:86
 #7 std::vector<float, std::allocator<float> >::reserve at /usr/include/c++/6.3.1/bits/vector.tcc:69
 #8 GG::GLClientAndServerBufferBase<float>::reserve at /usr/src/debug/src-tarball/GG/src/GLClientAndServerBuffer.cpp:63
 #9 MultiMeterStatusBar::Render at /usr/src/debug/src-tarball/UI/MultiMeterStatusBar.cpp:131
 #10 GG::GUI::RenderWindow at /usr/src/debug/src-tarball/GG/src/GUI.cpp:1559
 #15 GG::GUI::Render at /usr/src/debug/src-tarball/GG/src/GUI.cpp:1651
 #16 GG::EventPumpBase::LoopBody at /usr/src/debug/src-tarball/GG/src/EventPump.cpp:75
 #17 GG::ModalEventPump::operator() at /usr/src/debug/src-tarball/GG/src/EventPump.cpp:108
 #18 GG::SDLGUI::Run at /usr/src/debug/src-tarball/GG/src/SDL/SDLGUI.cpp:874
 #19 mainSetupAndRun at /usr/src/debug/src-tarball/client/human/chmain.cpp:284

Comment 1 Peter "Pessoft" Kolínek 2017-01-24 20:33:39 UTC

Created attachment 1244075 [details]
File: backtrace

Comment 2 Peter "Pessoft" Kolínek 2017-01-24 20:33:40 UTC

Created attachment 1244076 [details]
File: cgroup

Comment 3 Peter "Pessoft" Kolínek 2017-01-24 20:33:43 UTC

Created attachment 1244077 [details]
File: core_backtrace

Comment 4 Peter "Pessoft" Kolínek 2017-01-24 20:33:47 UTC

Created attachment 1244078 [details]
File: dso_list

Comment 5 Peter "Pessoft" Kolínek 2017-01-24 20:33:49 UTC

Created attachment 1244079 [details]
File: limits

Comment 6 Peter "Pessoft" Kolínek 2017-01-24 20:33:53 UTC

Created attachment 1244080 [details]
File: maps

Comment 7 Peter "Pessoft" Kolínek 2017-01-24 20:33:54 UTC

Created attachment 1244081 [details]
File: mountinfo

Comment 8 Peter "Pessoft" Kolínek 2017-01-24 20:33:57 UTC

Created attachment 1244082 [details]
File: namespaces

Comment 9 Peter "Pessoft" Kolínek 2017-01-24 20:33:59 UTC

Created attachment 1244083 [details]
File: proc_pid_status

Comment 10 Peter "Pessoft" Kolínek 2017-01-24 20:34:01 UTC

Created attachment 1244084 [details]
File: var_log_messages

Comment 11 Link Dupont 2017-02-02 05:14:02 UTC

*** Bug 1412831 has been marked as a duplicate of this bug. ***

Comment 12 Link Dupont 2017-02-02 07:25:02 UTC

I tracked this down to GG/src/GLClientAndServerBuffer.cpp:63. There is a call (UI/MultiMeterStatusBar.cpp:131) to this function (GLClientAndServerBuffer::reserve) that passes a signed int -1. vector::reserve accepts a type size_type, which is an unsigned int. This signed -1 gets implicitly cast to an unsigned int and overflows, so vector::reserve is actually trying to allocate 18446744073709551615. This throws the length_error since it's larger than max_size() (4611686018427387903).

(lldb) p bar_verts.b_data.max_size()
(size_type) $5 = 4611686018427387903
(lldb) p (size_type) num_segments - 1
(unsigned long) $6 = 18446744073709551615

This looks like an upstream bug. I'll construct a patch and submit a bug report to upstream.

Comment 13 Fedora Update System 2017-02-06 21:37:26 UTC

freeorion-0.4.6-7.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-1af933c890

Comment 14 Fedora Update System 2017-02-06 21:37:33 UTC

freeorion-0.4.6-7.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2017-8fd19d638c

Comment 15 Fedora Update System 2017-02-08 02:48:13 UTC

freeorion-0.4.6-7.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-8fd19d638c

Comment 16 Fedora Update System 2017-02-09 09:19:52 UTC

freeorion-0.4.6-7.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-1af933c890

Comment 17 Fedora Update System 2017-02-09 20:24:30 UTC

freeorion-0.4.6-7.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.

Comment 18 Fedora Update System 2017-02-09 20:50:42 UTC

freeorion-0.4.6-7.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.