Bug 42534 - FILEOPEN: Crash on document load (ODT)
Summary: FILEOPEN: Crash on document load (ODT)
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Writer (show other bugs)
(earliest affected)
3.4.3 release
Hardware: x86 (IA32) Linux (All)
: highest critical
Assignee: Caolán McNamara
Whiteboard: BSA
Depends on:
Reported: 2011-11-02 14:07 UTC by Spiros Georgaras
Modified: 2011-12-15 04:29 UTC (History)
3 users (show)

See Also:
Crash report or crash signature:

gdb.log on crash after document load (ODT) (15.92 KB, text/x-log)
2011-11-03 13:10 UTC, Spiros Georgaras
gdb.log with debugging symbols (3.83 KB, application/x-bzip)
2011-11-07 10:43 UTC, Spiros Georgaras
valgrind.log with debugging symbols (5.48 KB, application/x-bzip)
2011-11-07 10:45 UTC, Spiros Georgaras

Note You need to log in before you can comment on or make changes to this bug.
Description Spiros Georgaras 2011-11-02 14:07:54 UTC
Problem description: I have a bunch of ODTs created with 3.3.x. Most of them contain a frame on the first page (heavily customized - colored with white border). In 3.4.1 and 3.4.2 all of these files crashed Writer.

Using 3.4.3 all but one do not crash writer, but the frame's border is gone - i have to redefine it

I have this one file which still crashes writer, i cam send it to whoever thinks it might be useful - it's just 750kb

Steps to reproduce:
1. Load a odt file
2. File loaded having a strange looking frame (no border)
3. Crash after a couple of seconds

Current behavior:

Expected behavior:

Platform: debian sid - libreoffice 3.4.3 OOO340m1 (Build 302)
Comment 1 Petr Mladek 2011-11-03 11:46:40 UTC
We should not mix too many problems together. Let's leave this bug for the crash.

Please, attach the file that causes the crash. 750kB are fine. The limit is 3GB.

Also please try to get backtrace from the crash, see http://wiki.documentfoundation.org/BugReport#How_to_get_backtrace_.28on_Linux.29

Finally, open separate bug for the missing frame's border and attache a test file there.

BTW: I reduce the severity. It seems to happen with only a particular document => it can't block the whole release.
Comment 2 Spiros Georgaras 2011-11-03 13:10:34 UTC
Created attachment 53125 [details]
gdb.log on crash after document load (ODT)
Comment 3 Spiros Georgaras 2011-11-03 13:13:24 UTC
Hi Petr

I will send the odt file causing the crash by email (it's not for the public domain)

Comment 4 Petr Mladek 2011-11-07 08:42:22 UTC
Thanks for the document.

Hmm, I am unable to reproduce the crash. I tested it on two machines. I wonder if you have other fonts or extensions installed, or so.

Unfortunately, the backtrace is not much useful without debug information. I see that you have the binaries under /usr/lib/libreoffice => it is not the official build from http://www.documentfoundation.org/

What Linux distro are you using?
Could you please install debuginfo packages and get a better backtrace?
Comment 5 Spiros Georgaras 2011-11-07 10:42:27 UTC
Hi Petr

I have installed all relevant dbg packages and you can find attached the results of gdb and valgrind

I am running aptosid xfce (debian sid)

I do have a rather big collection of fonts installed, but that did not seem to be a problem till recently.

The extensions i have installed are:
  Canadian English dictionary
  Greek dictionary
  PDF import

Thank you for your time

Comment 6 Spiros Georgaras 2011-11-07 10:43:44 UTC
Created attachment 53259 [details]
gdb.log with debugging symbols
Comment 7 Spiros Georgaras 2011-11-07 10:45:08 UTC
Created attachment 53260 [details]
valgrind.log with debugging symbols
Comment 8 Petr Mladek 2011-11-08 05:36:58 UTC
Thanks for the last gdb and valgring logs. They might give us some pointers.

I add some developers into CC who might be interested into looking at it.
Comment 9 Caolán McNamara 2011-11-08 05:41:37 UTC
I'd need to see a reproducer document. It looks a little like a previous bug where we were casting a SdrObject in a header to another type which was unrelated entirely in order to do some actually fairly useless test on it.
Comment 10 Spiros Georgaras 2011-11-08 08:20:06 UTC
BTW, this document demonstrates bug 42570 too

Bug 42570 - EDITING: Frame Border Gone under 3.4.3

Just a reminder...
Comment 11 Caolán McNamara 2011-11-10 07:17:46 UTC
Well, the immediate crash reported in gdb would be fixed by http://cgit.freedesktop.org/libreoffice/core/commit/?id=3524727db0f3cfecf3a47046795c527808c10c3e specifically by the hunk of sw/source/core/text/txtfrm.cxx
Comment 12 Caolán McNamara 2011-11-10 07:35:04 UTC
I can't reproduce this in 3-4, but from the bt I'm fairly sure the immediate crash would be fixed by backporting the fix mentioned from master.

I'll ask on the list if we want this backported.
Comment 13 Caolán McNamara 2011-12-15 04:28:44 UTC
should be good in 3.5, no enthusiasm for backporting to 3.4.X apparently