This bug was filed from the crash reporting server and is br-ec286eaa-874d-4eae-ba81-31afdbc6b1f0. ========================================= crashed when trying to convert https://www.dropbox.com/s/7tit0te5whpg379/LazBuch_1_20160716_1548_MIN_SANI.odt?dl=0 to docx
File is 48 MB. Crash reproduced in LibreOffice 5.2.0.3/Windows 7 and 5.2.0.3/Ubuntu 15.10. Crash report might be unreliable, because Writer window just disappears, soffice.exe/bin keeps running in background. The crash happens when I start Writer again, and try to open the same document, these are my reports, read access violations, but at different places: http://crashreport.libreoffice.org/stats/crash_details/9a7495fb-8f86-4d95-8044-fc3965e72867 http://crashreport.libreoffice.org/stats/crash_details/3cce4302-716a-4efd-98e1-581648ea4fdd No crash when exporting to DOC. No crash when exporting to DOCX in 4.4.0.3, but soffice.bin consumes 1.2 GB memory during opening/saving, which I wouldn't consider correct behavior enough to mark this as regression. Raising priority to critical, as it's a crash.
First major version crash occurs in is 5.0.0.5.
this has something to do with hyperlinks and fields, stack trace looks like: #0 0x00002aaaab37a418 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54 #1 0x00002aaaab37c01a in __GI_abort () at abort.c:89 #2 0x00002aaaabdecf95 in __gnu_debug::_Error_formatter::_M_error (this=0x7ffffffea6e8) at ../../../../../src/libstdc++-v3/src/c++11/debug.cc:782 #3 0x00002aaae692eacb in std::__debug::vector<FieldInfos, std::allocator<FieldInfos> >::back (this=0x2d1db30) at /usr/lib/gcc/x86_64-linux-gnu/5.4.0/../../../../include/c++/5.4.0/debug/vector:439 #4 0x00002aaae68fa8d6 in DocxAttributeOutput::EndRun (this=0x2d1da60) at /home/noel/libo2/sw/source/filter/ww8/docxattributeoutput.cxx:1344 #5 0x00002aaae6ab8f8a in MSWordExportBase::OutputTextNode (this=0x7ffffffecdf8, rNode=...) at /home/noel/libo2/sw/source/filter/ww8/wrtw8nds.cxx:2422 #6 0x00002aaae6abcea5 in MSWordExportBase::OutputContentNode (this=0x7ffffffecdf8, rNode=...) at /home/noel/libo2/sw/source/filter/ww8/wrtw8nds.cxx:3069 #7 0x00002aaae6b31de1 in MSWordExportBase::WriteText (this=0x7ffffffecdf8) at /home/noel/libo2/sw/source/filter/ww8/wrtww8.cxx:2663 #8 0x00002aaae6984231 in DocxExport::WriteMainText (this=0x7ffffffecdf8) at /home/noel/libo2/sw/source/filter/ww8/docxexport.cxx:1342 #9 0x00002aaae6983c49 in DocxExport::ExportDocument_Impl (this=0x7ffffffecdf8) at /home/noel/libo2/sw/source/filter/ww8/docxexport.cxx:443 #10 0x00002aaae6b38ea4 in MSWordExportBase::ExportDocument (this=0x7ffffffecdf8, bWriteAll=true) at /home/noel/libo2/sw/source/filter/ww8/wrtww8.cxx:3136 #11 0x00002aaae6998a0f in DocxExportFilter::exportDocument (this=0x7fc0600) at /home/noel/libo2/sw/source/filter/ww8/docxexportfilter.cxx:73 #12 0x00002aaae5e9a6a2 in oox::core::FilterBase::filter (this=0x7fc0600, rMediaDescSeq=uno::Sequence of length 11 = {...}) at /home/noel/libo2/oox/source/core/filterbase.cxx:493 #13 0x00002aaae5876173 in WriterFilter::filter (this=0x8484110, aDescriptor=uno::Sequence of length 11 = {...}) at /home/noel/libo2/writerfilter/source/filter/WriterFilter.cxx:150 #14 0x00002aaaafde3348 in SfxObjectShell::ExportTo (this=0x2b95150, rMedium=...) at /home/noel/libo2/sfx2/source/doc/objstor.cxx:2416
Confirming with: Version: 5.3.0.0.beta1 Build ID: 690f553ecb3efd19143acbf01f3af4e289e94536 CPU Threads: 4; OS Version: Windows 6.2; UI Render: default; Layout Engine: new; Locale: nl-NL (nl_NL); Calc: CL Crash report: http://crashreport.libreoffice.org/stats/crash_details/157f97e0-fb84-4f77-8016-b3cd9f51f3af
Repro with: Versie: 4.4.6.3 Build ID: e8938fd3328e95dcf59dd64e7facd2c7d67c704d Locale: nl_NL and with Version: 4.4.0.3 Build ID: de093506bcdc5fafd9023ee680b8c60e3e0645d7 Locale: nl_NL but not with: Version: 4.3.0.4 Build ID: 62ad5818884a2fc2e5780dd45466868d41009ec0
Regression introduced by: author Vinaya Mandke <vinaya.mandke@synerzip.com> 2014-05-21 06:12:07 (GMT) committer Miklos Vajna <vmiklos@collabora.co.uk> 2014-05-22 09:03:21 (GMT) commit 3c87d89bca61732cb2ee679e278863bd56bbdddd (patch) tree f1448b79e719c04baa6d27df6a0a555327922b10 parent b56c9aaa80639f93531ae7aa2a929eca158c4401 (diff) fdo#78910 Hyperlink and Field start-end mismatch Originally a Field began inside a hyperlink but ended after the hyperlink. This causes the corruption in MS Word. Incremented the field count if the field is added for the current new hyperlink. Added another variable to store the Field-Count from previous hyperlink. Added UT for the same. Adding Cc: to Vinaya Mandke
this is still reproducible in Version: 5.4.0.0.alpha0+ Build ID: eb7b03b052ffe8c2c577b2349987653db6c53f76 CPU threads: 1; OS: Windows 6.1; UI render: default; TinderBox: Win-x86@62-merge-TDF, Branch:MASTER, Time: 2017-02-26_22:34:18 Locale: en-GB (es_ES); Calc: group
Created attachment 131576 [details] gdb backtrace
fixed on master
Michael Stahl committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=103efac8110be7e6f42fffcecc74abdcae4df7f9 tdf#101178 sw: DOCX export: fix crash It will be available in 5.4.0. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Fix verified in Version: 5.4.0.0.alpha0+ Build ID: 27c5268dd9908b749ca251e172944278d761a335 CPU threads: 4; OS: Linux 4.8; UI render: default; VCL: gtk2; Locale: ca-ES (ca_ES.UTF-8); Calc: group
Michael Stahl committed a patch related to this issue. It has been pushed to "libreoffice-5-3": http://cgit.freedesktop.org/libreoffice/core/commit/?id=69b89daa2c583d02da0eb04f9a388d86d87f6ed5&h=libreoffice-5-3 tdf#101178 sw: DOCX export: fix crash It will be available in 5.3.2. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Michael Stahl committed a patch related to this issue. It has been pushed to "libreoffice-5-2": http://cgit.freedesktop.org/libreoffice/core/commit/?id=29b783dc6844a3fed9bcf434ae3901e986b44991&h=libreoffice-5-2 tdf#101178 sw: DOCX export: fix crash It will be available in 5.2.7. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.