Bug 59437 - SwFmtAnchor::SetAnchor assert on loading a given document
Summary: SwFmtAnchor::SetAnchor assert on loading a given document
Status: RESOLVED FIXED
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Writer (show other bugs)
Version:
(earliest affected)
4.1.0.0.alpha0+ Master
Hardware: Other All
: medium normal
Assignee: Michael Stahl
QA Contact:
URL:
Whiteboard: target:4.1.0 target:4.0.0.2
Keywords: regression
Depends on:
Blocks:
 
Reported: 2013-01-15 20:59 UTC by Ruslan Kabatsayev
Modified: 2013-01-18 14:44 UTC (History)
7 users (show)

See Also:


Attachments
Test document (795.92 KB, application/vnd.oasis.opendocument.text)
2013-01-15 20:59 UTC, Ruslan Kabatsayev
Details
typescript with backtrace (166.16 KB, text/plain)
2013-01-16 17:17 UTC, Terrence Enger
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Ruslan Kabatsayev 2013-01-15 20:59:51 UTC
Created attachment 73123 [details]
Test document

When opening the test document LibO crashes.
Here's console output: http://pastebin.com/raw.php?i=X9k48aTu
This reproduces in Version 4.0.0.1+ and in 4.1.0.0alpha0+, but doesn't in 3.6.5.0+.
Comment 1 Jorendc 2013-01-15 21:32:42 UTC
Can't reproduce a crash using LibreOffice Version 4.0.0.1 (Bouw-id: 527dba6f6e0cfbbc71bd6e7b88a52699bb48799); Windows 7 x64;
Comment 2 m.a.riosv 2013-01-16 00:42:21 UTC
Hi Ruslan,

Open right for me with:
Win7x64 Ultimate
Versión 3.6.4.3 (ID de compilación: 2ef5aff)
Version 4.0.0.1 (Build ID: 527dba6f6e0cfbbc71bd6e7b88a52699bb48799)
Version 4.1.0.0.alpha0+ (Build ID: 612981fc8fd7a35d8112951e05e1b2cf0f5f1c0)

Have you tried to reset the user profile?, sometimes it solves strange issues.
Comment 3 Ruslan Kabatsayev 2013-01-16 15:35:58 UTC
FWIW, I tested this on Linux. Maybe it doesn't reproduce on Windows.
Here's the backtrace: http://pastebin.com/e0mKMrH0

> Have you tried to reset the user profile?, sometimes it solves strange issues.
The same with new user profile.
Comment 4 Joel Madero 2013-01-16 15:59:53 UTC
Doesn't crash for me, Bodhi Linux. 

Version 4.1.0.0.alpha0+ (Build ID: 5fe6ba4f226d4359869bf6e7859a67e70975b3e)

I'm tempted to close this as WFM at least until you can determine what's unique about your environment that might be causing this. Tested on multiple machines and all opened fine.
Comment 5 Caolán McNamara 2013-01-16 16:05:07 UTC
its a self-build with --enable-debug, mstahl added the assert, so hopefully has a better idea about what should happen
Comment 6 Pierre-Eric Pelloux-Prayer 2013-01-16 16:10:33 UTC
On git master, with debug enabled on sw module LO hits an assert when loading the document.
Here's the backtrace:

(gdb) bt 15
#4  0x00007fffc2f1e43a in SwFmtAnchor::SetAnchor (this=0x7fffffff91e0, pPos=0x7fffffff9210) at libreoffice/sw/source/core/layout/atrfrm.cxx:1518
#5  0x00007fffc2d2dba7 in SwDoc::_MakeFlySection (this=0x1217ac0, rAnchPos=..., rNode=..., eRequestId=FLY_AT_PARA, pFlySet=0x7fffffff95a0, pFrmFmt=0x7fffc8cf17b8) at libreoffice/sw/source/core/doc/doclay.cxx:622
#6  0x00007fffc2d2e454 in SwDoc::MakeFlySection (this=0x1217ac0, eAnchorType=FLY_AT_PARA, pAnchorPos=0x7fffffff96c8, pFlySet=0x7fffffff95a0, pFrmFmt=0x7fffc8cf17b8, bCalledFromShell=false) at libreoffice/sw/source/core/doc/doclay.cxx:746
#7  0x00007fffc321b911 in SwXFrame::attachToRange (this=0x7fffc2464430, xTextRange=...) at libreoffice/sw/source/core/unocore/unoframe.cxx:2135
#8  0x00007fffc321d874 in SwXFrame::attach (this=0x7fffc2464430, xTextRange=...) at libreoffice/sw/source/core/unocore/unoframe.cxx:2385
#9  0x00007fffc321f786 in SwXTextFrame::attach (this=0x7fffc2464388, xTextRange=...) at libreoffice/sw/source/core/unocore/unoframe.cxx:2650
#10 0x00007fffc32da5a4 in SwXText::insertTextContent (this=0x7fffc2464208, xRange=..., xContent=..., bAbsorb=0 '\000') at libreoffice/sw/source/core/unocore/unotext.cxx:617
#11 0x00007fffd0545d77 in XMLTextFrameContext_Impl::Create(unsigned char) () from libreoffice/solver/unxlngx6.pro/installation/opt/program/../program/libxolo.so
#12 0x00007fffd0548b35 in XMLTextFrameContext_Impl::XMLTextFrameContext_Impl(SvXMLImport&, unsigned short, rtl::OUString const&, com::sun::star::uno::Reference<com::sun::star::xml::sax::XAttributeList> const&, com::sun::star::text::TextContentAnchorType, unsigned short, com::sun::star::uno::Reference<com::sun::star::xml::sax::XAttributeList> const&) () from libreoffice/solver/unxlngx6.pro/installation/opt/program/../program/libxolo.so
#13 0x00007fffd054987c in XMLTextFrameContext::CreateChildContext(unsigned short, rtl::OUString const&, com::sun::star::uno::Reference<com::sun::star::xml::sax::XAttributeList> const&) () from libreoffice/solver/unxlngx6.pro/installation/opt/program/../program/libxolo.so
#14 0x00007fffd0388914 in SvXMLImport::startElement(rtl::OUString const&, com::sun::star::uno::Reference<com::sun::star::xml::sax::XAttributeList> const&) () from libreoffice/solver/unxlngx6.pro/installation/opt/program/../program/libxolo.so

(gdb) p pPos
$2 = (const SwPosition *) 0x7fffffff9210
Comment 7 Terrence Enger 2013-01-16 17:17:41 UTC
Created attachment 73159 [details]
typescript with backtrace
Comment 8 Terrence Enger 2013-01-16 17:19:53 UTC
I have reproduced the failure in master commit 16ab898, pulled around
2013-01-12 00:00 Z, configured as

    --enable-dbgutil
    --enable-crashdump
    --disable-build-mozilla
    --without-system-postgresql
    --without-myspell-dicts
    --without-help
    --with-extra-buildid

built and running on ubuntu-natty (11.04) 32-bit.


In the backtrace from the core dump (an amazing 81MB!), I see ...

    #20 0xb150216b in SwFmtAnchor::SetAnchor (this=0xbfa34470, pPos=0xbfa34450) at /home/terry/lo_hacking/git/libo4/sw/source/core/layout/atrfrm.cxx:1518

The source line 

    assert(!pPos || dynamic_cast<SwTxtNode*>(&pPos->nNode.GetNode()));

was added on 2012-12-13.  pPos was non-zero at the point of failure.


Terry.
Comment 9 Julien Nabet 2013-01-16 20:53:32 UTC
On pc Debian x86-64 with master sources updated today(commit 83b729ebcf525d03ce4c0c85dd871c91968e78ac), I reproduced the same bt already retrieved by Pierre-Eric and Terrence

Michael/Cédric: one for you?
Comment 10 Not Assigned 2013-01-17 21:39:48 UTC
Michael Stahl committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=0ed73a0817ad0ff0107cb297208252c0afe3b4a9

fdo#59437: SwFmtAnchor::SetAnchor: Anchors may be on StartNodes



The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 11 Michael Stahl 2013-01-17 21:47:47 UTC
ah sorry the assertion wasn't quite right;
i forgot that FLY_AT_FLY anchors may be on SwStartNodes.

fixed on master now.
Comment 12 Ruslan Kabatsayev 2013-01-18 12:35:30 UTC
(In reply to comment #11)
> fixed on master now.

This should also go to 4.0.
Comment 13 Not Assigned 2013-01-18 14:44:12 UTC
Michael Stahl committed a patch related to this issue.
It has been pushed to "libreoffice-4-0":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=9bde6f8a0c5fed9d30cd0e296ec9258937376bdf&h=libreoffice-4-0

fdo#59437: SwFmtAnchor::SetAnchor: Anchors may be on StartNodes


It will be available in LibreOffice 4.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.