Bug 111974 - LO crash on loading this document
Summary: LO crash on loading this document
Status: RESOLVED FIXED
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Calc (show other bugs)
Version:
(earliest affected)
4.3 all versions
Hardware: All All
: highest critical
Assignee: Dennis Francis
URL:
Whiteboard: target:6.0.0 target:5.4.2 target:5.3.7
Keywords: bibisected, bisected, haveBacktrace, regression
Depends on:
Blocks:
 
Reported: 2017-08-22 18:11 UTC by pj
Modified: 2017-09-09 15:26 UTC (History)
2 users (show)

See Also:
Crash report or crash signature: ["std::vector<oox::xls::FormulaBuffer::TokenAddressItem,std::allocator<oox::xls::FormulaBuffer::TokenAddressItem> >::push_back(oox::xls::FormulaBuffer::TokenAddressItem &&)"]

Attachments
file causing LO crash. (330.87 KB, application/vnd.ms-excel.sheet.macroEnabled.12)
2017-08-22 18:11 UTC, pj 		Details
core dump of crash (9.34 MB, application/gzip)
2017-08-22 18:49 UTC, Xavier Van Wijmeersch 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description pj 2017-08-22 18:11:38 UTC 
Created attachment 135739 [details]
file causing LO crash.

Attached file cause LO to crash when loading in LibreOffice download version 5.3-5.3.5.2-2.x86_64 and 5.4.0.3-3.x86_64 Linux versions.
Comment 1 Xavier Van Wijmeersch 2017-08-22 18:45:31 UTC 
confirm with

Version: 6.0.0.0.alpha0+
CPU threads: 8; OS: Linux 4.9; UI render: default; VCL: kde4; 
Locale: nl-BE (en_US.UTF-8); Calc: group
Comment 2 Xavier Van Wijmeersch 2017-08-22 18:49:12 UTC 
Created attachment 135740 [details]
core dump of crash
Comment 3 Xisco Faulí 2017-08-30 17:15:21 UTC 
Confirmed in

Version: 6.0.0.0.alpha0+
Build ID: a9cd75c1501d5095887c657426820962c68e0ede
CPU threads: 4; OS: Linux 4.10; UI render: default; VCL: gtk3; 
Locale: ca-ES (ca_ES.UTF-8); Calc: group
Comment 4 Xisco Faulí 2017-08-30 17:27:18 UTC 
Regression introduced by:

author	Michael Meeks <michael.meeks@collabora.com>	2014-01-01 14:06:05 (GMT)
committer	Michael Meeks <michael.meeks@collabora.com>	2014-01-02 10:57:27 (GMT)
commit d17a83fa549f828f29e6939b16ba8b568a75f95e (patch)
tree 2fb43a22f55a14fb9d7fb7cc5420a212fec3178f
parent 1b66c17b7fa7b0c6d74d03777e24db236bb86282 (diff)
oox: fix crash with threaded xlsx loading by pre-allocating sheet storage.

Bisected with bibisect-43max

Adding Cc: to Michael Meeks
Comment 5 Commit Notification 2017-09-02 16:20:46 UTC 
Dennis Francis committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=20169423d492b58ab93fb0e8e9d2918c0baebc92

tdf#111974: Ensure sufficient space for all sheets in FormulaBuffer...

It will be available in 6.0.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds

Affected users are encouraged to test the fix and report feedback.
Comment 6 pj 2017-09-02 17:23:57 UTC 
Just to make sure, is this fix is targeted for LO 6.0.0 (in four monthsish) or is this a version reference to a component with a version of 6.0.0?
Comment 7 Adolfo Jayme Barrientos 2017-09-03 05:16:00 UTC 
The former.
Comment 8 pj 2017-09-03 15:47:51 UTC 
Is there any hope in inclusion in a current or soon to be "stable" version as this is deemed, "highest critical"? As a business, we utilize that branch exclusively at this time.

I can confirm that the included Plant Operating*.xlsm spreadsheet will open and does not cause a crash in LibreOfficeDev_6.0.0.0.alpha0_Linux_x86-64_rpm from the dev build file master-2017-09-02_23.12.31_LibreOfficeDev_6.0.0.0.alpha0_Linux_x86-64_rpm.tar.gz

Thank you!
Comment 9 Dennis Francis 2017-09-04 06:53:01 UTC 
I have submitted patch for libreoffice 5-4 branch (https://gerrit.libreoffice.org/#/c/41841/1). This when accepted, will appear in the next version of 5.4 series.
Comment 10 Xavier Van Wijmeersch 2017-09-04 09:15:21 UTC 
Its works for me to with

Version: 6.0.0.0.alpha0+
Build ID: dfaceb70ec2f6feda6a73b8be00a7f168dfe075b
CPU threads: 8; OS: Linux 4.9; UI render: default; VCL: kde4; 
Locale: nl-BE (en_US.UTF-8); Calc: group
Comment 11 pj 2017-09-04 16:08:40 UTC 
(In reply to Dennis Francis from comment #9)
> I have submitted patch for libreoffice 5-4 branch
> (https://gerrit.libreoffice.org/#/c/41841/1). This when accepted, will
> appear in the next version of 5.4 series.

Thank you all for your help!

Dennis and others, we would like to donate as part of this process. What is your current recommendation for us to help this project?

Thanks
PJ
Comment 12 Michael Meeks 2017-09-05 04:34:00 UTC 
Marking fixed - verification of the latest builds much appreciated etc. =)
Comment 13 Eike Rathke 2017-09-07 12:41:04 UTC 
(In reply to pj from comment #11)
> Dennis and others, we would like to donate as part of this process. What is
> your current recommendation for us to help this project?
Best would be to donate developer resources, eg. finding an interested developer or financing a developer to work on the project, best full time ;-)

That wishful thinking aside, there are multiple ways to get involved and help the project, see https://www.libreoffice.org/community/get-involved/

You could also donate money via https://www.libreoffice.org/donate/ 

Whatever you choose, it will be appreciated!
Comment 14 Commit Notification 2017-09-07 12:43:23 UTC 
Dennis Francis committed a patch related to this issue.
It has been pushed to "libreoffice-5-4":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=0b172f1d95c726c3e0bbc0b58a8605bf06bf6c67&h=libreoffice-5-4

tdf#111974: Ensure sufficient space for all sheets in FormulaBuffer...

It will be available in 5.4.2.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds

Affected users are encouraged to test the fix and report feedback.
Comment 15 Commit Notification 2017-09-07 20:16:27 UTC 
Dennis Francis committed a patch related to this issue.
It has been pushed to "libreoffice-5-3":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=500b5727fd5902b7d14c6e707c2ad3d2b227bb1a&h=libreoffice-5-3

tdf#111974: Ensure sufficient space for all sheets in FormulaBuffer...

It will be available in 5.3.7.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds

Affected users are encouraged to test the fix and report feedback.
Comment 16 pj 2017-09-08 16:31:49 UTC 
As a note regarding LO 5.4.2, the crash still happens with the most recent Dev version of 5.4.2:
 libreoffice-5-4~2017-09-07_11.22.50_LibreOfficeDev_5.4.2.0.0_Linux_x86-64_rpm.tar.gz
Comment 17 pj 2017-09-09 14:07:33 UTC 
A LO Foundation donation of $200 has been sent with a note referencing this ticket. Thank you again for the effort with this regression/bug.
Comment 18 pj 2017-09-09 15:26:42 UTC 
Sorry, my testing timing seems to have been off (I did not wait the 24-48 hours as directed). The 2.5.4 dev version libreoffice-5-4-2017-09-08_04.15.59_LibreOfficeDev_5.4.2.0.0_Linux_x86-64_rpm.tar.gz *does* correctly open and not crash LO.

Thanks
PJ