Created attachment 126362 [details] file Steps to reproduce: 1. Open attached file 2. Libreoffice crashes Problematic line: <image id="imageSVG" x="60" y="50" width="240" height="240" xlink:href="struct-image-12-b.svg"/> Reproduced in: Version: 5.3.0.0.alpha0+ Build ID: 9dc3356f1499a2b90078be86ca7470eb2e96aba8 CPU Threads: 4; OS Version: Windows 6.1; UI Render: default; TinderBox: Win-x86@39, Branch:master, Time: 2016-07-21_23:52:45 Locale: es-ES (es_ES); Calc: group and Version: 5.0.4.2 Build ID: 2b9802c1994aa0b7dc6079e128979269cf95bc78 Locale: es-ES (es_ES)
Unconfirmed with v5.1.5.1 under windows 7 x64. Unconfirmed with v5.2.0.3 under ubuntu 16.04 x64. When inserting the image, LO doesn't crash over here.
On pc Debian x86-64 with master sources updated yesterday, I don't reproduce this. Windows only bug? BTW, shouldn't it be filter::svgOpen ? (since you reproduce this when opening not when inserting)
Created attachment 126376 [details] struct-image-12-b.svg I'm sorry for updating a wrong. This new file should break Libreoffice
Note: Make sure you don't change the file's name, otherwise it won't crash
Created attachment 126377 [details] bt with symbols On pc Debian x86-64 with master sources updated yesterday, I could reproduce this when inserting image. BTW, even after renaming the file (eg: test.svg), I could reproduce this. Also, I don't reproduce the crash when opening so keyword is ok. Finally I'm not sure this bt corresponds to what I got without gdb. Indeed, I had to wait for some time before retrieving a bt.
Created attachment 126379 [details] bt with symbols This bt retrieved with attach method (see https://wiki.documentfoundation.org/Development/How_to_debug) seems better.
Just some remarks: - I hadn't renamed but copied the file in the same directory, if there's no file struct-image-12-b.svg in the same directory, obviously it doesn't crash. - I couldn't retrieve a Valgrind trace because, like with gdb, there's a kind of stack overflow. In brief, it seems finally the first bt is the good one, LO loops when parsing a file referencing itself.
I submitted this patch for master: https://gerrit.libreoffice.org/#/c/27468/
Julien Nabet committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=b7a18f18efbba086454e3b5ec157b156980f97b6 tdf#101070: svg/insert, avoid infinite recursive loop when referencing oneself It will be available in 5.3.0. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
gerrit for 5.2: https://gerrit.libreoffice.org/#/c/27478/ for 5.1: https://gerrit.libreoffice.org/#/c/27479/
Julien Nabet committed a patch related to this issue. It has been pushed to "libreoffice-5-2": http://cgit.freedesktop.org/libreoffice/core/commit/?id=77421906467e93e06c90740fb4ff95e7b8f8834b&h=libreoffice-5-2 tdf#101070: svg/insert, avoid infinite recursive loop when referencing oneself It will be available in 5.2.1. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Julien Nabet committed a patch related to this issue. It has been pushed to "libreoffice-5-1": http://cgit.freedesktop.org/libreoffice/core/commit/?id=373e73418addd13bdf55716ccb424feaa42708fc&h=libreoffice-5-1 tdf#101070: svg/insert, avoid infinite recursive loop when referencing oneself It will be available in 5.1.6. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.