| Summary: | assertion fail nMapNum >= 0 in ImplLogicToPixel | ||
|---|---|---|---|
| Product: | LibreOffice | Reporter: | sam tygier <samtygier> |
| Component: | filters and storage | Assignee: | Bartosz <gang65> |
| Status: | RESOLVED WORKSFORME | ||
| Severity: | normal | CC: | aron.budea, gang65, serval2412, xiscofauli |
| Priority: | medium | Keywords: | filter:pptx, haveBacktrace |
| Version: | 5.2 all versions | ||
| Hardware: | x86-64 (AMD64) | ||
| OS: | Linux (All) | ||
| Whiteboard: | |||
| Crash report or crash signature: | Regression By: | ||
| Bug Depends on: | |||
| Bug Blocks: | 105537 | ||
| Attachments: |
gdb log
bt with debug symbols bt with debug symbols |
||
Created attachment 137730 [details]
gdb log
Assertion checks are only compiled into debug builds, therefore you will never encounter assetion failures in release builds. No need to bother with bibisecting. Assertion failure reproduced. Version: 6.0.0.0.alpha1+ Build ID: 31b26130d90d4746cbb126fd9b6c1cb3487f644f CPU threads: 16; OS: Linux 4.10; UI render: default; VCL: gtk3; Locale: en-US (en_US.UTF-8); Calc: group OK. I get the same assertion fail with a self built 5.4 soffice.bin: /usr/local/src/libreoffice/core/vcl/source/outdev/map.cxx:374: long int ImplLogicToPixel(long int, long int, long int, long int, long int): Assertion `nMapNum >= 0' failed. Version: 5.4.2.2.0+ Build ID: 31423b7d44216606cac52ebaf4eab02f469c478f CPU threads: 4; OS: Linux 4.13; UI render: default; VCL: gtk3; Locale: en-GB (en_GB.utf8); Calc: group I can also reproduce in Version: 5.2.0.1.0+ Build ID: 8851333f8aafe84ca9479faf24d9164035aff520 CPU threads: 4; OS: Linux 4.13; UI render: default; Locale: en-GB (en_GB.utf8) Created attachment 143070 [details]
bt with debug symbols
On pc Debian x86-64 with master sources updated today, I could reproduce this.
I had to scroll several slides to have it.
Dear sam tygier, To make sure we're focusing on the bugs that affect our users today, LibreOffice QA is asking bug reporters and confirmers to retest open, confirmed bugs which have not been touched for over a year. There have been thousands of bug fixes and commits since anyone checked on this bug report. During that time, it's possible that the bug has been fixed, or the details of the problem have changed. We'd really appreciate your help in getting confirmation that the bug is still present. If you have time, please do the following: Test to see if the bug is still present with the latest version of LibreOffice from https://www.libreoffice.org/download/ If the bug is present, please leave a comment that includes the information from Help - About LibreOffice. If the bug is NOT present, please set the bug's Status field to RESOLVED-WORKSFORME and leave a comment that includes the information from Help - About LibreOffice. Please DO NOT Update the version field Reply via email (please reply directly on the bug tracker) Set the bug's Status field to RESOLVED - FIXED (this status has a particular meaning that is not appropriate in this case) If you want to do more to help you can test to see if your issue is a REGRESSION. To do so: 1. Download and install oldest version of LibreOffice (usually 3.3 unless your bug pertains to a feature added after 3.3) from http://downloadarchive.documentfoundation.org/libreoffice/old/ 2. Test your bug 3. Leave a comment with your results. 4a. If the bug was present with 3.3 - set version to 'inherited from OOo'; 4b. If the bug was not present in 3.3 - add 'regression' to keyword Feel free to come ask questions or to say hello in our QA chat: https://kiwiirc.com/nextclient/irc.freenode.net/#libreoffice-qa Thank you for helping us make LibreOffice even better for everyone! Warm Regards, QA Team MassPing-UntouchedBug Created attachment 162229 [details]
bt with debug symbols
On pc Debian x86-64 with master sources updated today, I could still reproduce this.
Here's an updated bt.
No crash in Version: 7.4.0.0.alpha0+ / LibreOffice Community Build ID: 49ee1c889665c3539fa9a1c99a865a42fc08ee97 CPU threads: 8; OS: Linux 5.10; UI render: default; VCL: gtk3 Locale: es-ES (es_ES.UTF-8); UI: en-US Calc: threaded Could someelse confirm ? On pc Debian x86-64 with master sources updated today, I don't reproduce this. Also, no crash with LO Debian package 7.3.1 (In reply to Julien Nabet from comment #10) > On pc Debian x86-64 with master sources updated today, I don't reproduce > this. > Also, no crash with LO Debian package 7.3.1 Hi Julien, Thanks for checking. Let's close it then |
Description: Opening a specific pptx I get a crash. (Full GDB log attached) #0 0x00007ffff73998df in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 #1 0x00007ffff739b4da in __GI_abort () at abort.c:89 #2 0x00007ffff7391d67 in __assert_fail_base (fmt=<optimized out>, assertion=assertion@entry=0x7fffecb5a491 "nMapNum >= 0", file=file@entry=0x7fffecb5a3e8 "/usr/local/src/libreoffice/core/vcl/source/outdev/map.cxx", line=line@entry=359, function=function@entry=0x7fffecb5acc0 <ImplLogicToPixel(long, long, long, long, long)::__PRETTY_FUNCTION__> "long int ImplLogicToPixel(long int, long int, long int, long int, long int)") at assert.c:92 #3 0x00007ffff7391e12 in __GI___assert_fail (assertion=0x7fffecb5a491 "nMapNum >= 0", file=0x7fffecb5a3e8 "/usr/local/src/libreoffice/core/vcl/source/outdev/map.cxx", line=359, function=0x7fffecb5acc0 <ImplLogicToPixel(long, long, long, long, long)::__PRETTY_FUNCTION__> "long int ImplLogicToPixel(long int, long int, long int, long int, long int)") at assert.c:101 #4 0x00007fffec442b1d in ImplLogicToPixel(long, long, long, long, long) (n=-31131, nDPI=96, nMapNum=-1, nMapDenom=2032, nThres=48038396025285285) at /usr/local/src/libreoffice/core/vcl/source/outdev/map.cxx:359 #5 0x00007fffec443828 in OutputDevice::ImplLogicToDevicePixel(tools::Polygon const&) const (this=0x7868610, rLogicPoly=...) at /usr/local/src/libreoffice/core/vcl/source/outdev/map.cxx:544 #6 0x00007fffec3f6b3b in OutputDevice::DrawPolygon(tools::Polygon const&) (this=0x7868610, rPoly=...) at /usr/local/src/libreoffice/core/vcl/source/outdev/polygon.cxx:223 #7 0x00007fffec3f64ac in OutputDevice::DrawPolyPolygon(tools::PolyPolygon const&) (this=0x7868610, rPolyPoly=...) at /usr/local/src/libreoffice/core/vcl/source/outdev/polygon.cxx:122 #8 0x00007fffc18cbf54 in emfio::MtfTools::ImplDrawBitmap(Point const&, Size const&, BitmapEx const&) (this=0x7ffffffebc40, rPos=..., rSize=..., rBitmap=...) at /usr/local/src/libreoffice/core/emfio/source/reader/mtftools.cxx:1633 #9 0x00007fffc18cd6fa in emfio::MtfTools::ResolveBitmapActions(std::__debug::vector<std::unique_ptr<emfio::BSaveStruct, std::default_delete<emfio::BSaveStruct> >, std::allocator<std::unique_ptr<emfio::BSaveStruct, std::default_delete<emfio::BSaveStruct> > > >&) (this=0x7ffffffebc40, rSaveList=std::__debug::vector of length 1, capacity 1 = {...}) at /usr/local/src/libreoffice/core/emfio/source/reader/mtftools.cxx:1921 #10 0x00007fffc18e5110 in emfio::EmfReader::ReadEnhWMF() (this=0x7ffffffebc40) at /usr/local/src/libreoffice/core/emfio/source/reader/emfreader.cxx:654 Crash happens with Version: 6.0.0.0.alpha1+ Build ID: 9984579e96a966c2e47db98ceeb9a83b1adefa00 CPU threads: 4; OS: Linux 4.13; UI render: default; VCL: gtk2; Locale: en-GB (en_GB.utf8); Calc: group But I can open the file fine with Version: 5.4.2.2 Build ID: 22b09f6418e8c2d508a9eaf86b2399209b0990f4 CPU threads: 4; OS: Linux 4.13; UI render: default; VCL: gtk2; Locale: en-GB (en_GB.utf8); Calc: group I shall try to bisect. Steps to Reproduce: 1. Download https://indico.cern.ch/event/647714/contributions/2632839/attachments/1556799/2448620/Exp-Upgrades.pptx 2. Open with LibreOffice 3. Crashes during open Actual Results: Crashes Expected Results: Opens file Reproducible: Always User Profile Reset: No Additional Info: User-Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0