84760 – Reproducible crash when editing text in table

Bug 84760 - Reproducible crash when editing text in table

Summary: Reproducible crash when editing text in table

Status:	RESOLVED DUPLICATE of bug 78906

Alias:	None

Product:	LibreOffice
Classification:	Unclassified
Component:	Writer (show other bugs)
Version: (earliest affected)	4.3.1.2 release
Hardware:	x86-64 (AMD64) Linux (All)

Importance:	medium major
Assignee:	Not Assigned

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-10-07 16:01 UTC by Andreas K. Hüttel
Modified:	2014-10-09 13:20 UTC (History)
CC List:	0 users

See Also:
Crash report or crash signature:

Attachments
simplified test case file for crash; instructions (also) inside (15.42 KB, application/vnd.oasis.opendocument.text) 2014-10-07 16:01 UTC, Andreas K. Hüttel	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Andreas K. Hüttel 2014-10-07 16:01:12 UTC

Created attachment 107507 [details]
simplified test case file for crash; instructions (also) inside

Open attached file in Libreoffice 4.3.1.2 (Gentoo official package, x86-64). 

Place the cursor at the end of the second line of the right table column, 
directly between „/“ and the line break. Enter (without the quotation marks) 
„ 0(+0)“. On entering the closing bracket, LibreOffice crashes.

Here's the backtrace of the core dump. More information on request.

Core was generated by `/usr/lib64/libreoffice/program/soffice.bin --writer testcase.odt --splash-pipe='.
Program terminated with signal 11, Segmentation fault.
#0  0x00007f0b9b88540b in ScriptRun::next() () from /usr/lib64/libreoffice/program/libvcllo.so
(gdb) bt
#0  0x00007f0b9b88540b in ScriptRun::next() () from /usr/lib64/libreoffice/program/libvcllo.so
#1  0x00007f0b9b881a11 in HbLayoutEngine::layout(ServerFontLayout&, ImplLayoutArgs&) ()
   from /usr/lib64/libreoffice/program/libvcllo.so
#2  0x00007f0b9b6a52d6 in OutputDevice::ImplLayout(rtl::OUString const&, int, int, Point const&, long, int const*) const () from /usr/lib64/libreoffice/program/libvcllo.so
#3  0x00007f0b9b6a55a4 in OutputDevice::GetTextArray(rtl::OUString const&, int*, int, int) const ()
   from /usr/lib64/libreoffice/program/libvcllo.so
#4  0x00007f0b76e3d634 in SwFntObj::GetTextSize(SwDrawTextInfo&) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#5  0x00007f0b76e57739 in SwSubFont::_GetTxtSize(SwDrawTextInfo&) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#6  0x00007f0b76dd530f in SwTxtSizeInfo::GetTxtSize(SwScriptInfo const*, int, int, unsigned short, unsigned short&, unsigned short&) const () from /usr/lib64/libreoffice/program/../program/libswlo.so
#7  0x00007f0b76dd29b9 in SwTxtGuess::Guess(SwTxtPortion const&, SwTxtFormatInfo&, unsigned short) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#8  0x00007f0b76e0888d in SwTxtPortion::_Format(SwTxtFormatInfo&) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#9  0x00007f0b76dea834 in SwTxtFormatter::BuildPortions(SwTxtFormatInfo&) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#10 0x00007f0b76deb968 in SwTxtFormatter::FormatLine(int) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#11 0x00007f0b76dc7b44 in SwTxtFrm::FormatLine(SwTxtFormatter&, bool) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#12 0x00007f0b76dcb990 in SwTxtFrm::_Format(SwTxtFormatter&, SwTxtFormatInfo&, bool) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
---Type <return> to continue, or q <return> to quit---
#13 0x00007f0b76dcc8a7 in SwTxtFrm::_Format(SwParaPortion*) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#14 0x00007f0b76dcd1b1 in SwTxtFrm::Format(SwBorderAttrs const*) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#15 0x00007f0b76d023e3 in SwCntntFrm::MakeAll() ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#16 0x00007f0b76d004ed in SwFrm::PrepareMake() ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#17 0x00007f0b76d32c5c in SwLayAction::_TurboAction(SwCntntFrm const*) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#18 0x00007f0b76d32f4a in SwLayAction::TurboAction() ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#19 0x00007f0b76d3661d in SwLayAction::Action() ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#20 0x00007f0b7701ba49 in SwViewShell::ImplEndAction(bool) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#21 0x00007f0b76b36141 in SwCrsrShell::EndAction(bool) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#22 0x00007f0b76c9ade2 in SwEditShell::EndAllAction() ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#23 0x00007f0b76c86544 in SwEditShell::Insert2(rtl::OUString const&, bool) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#24 0x00007f0b772d985f in SwWrtShell::Insert(rtl::OUString const&) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#25 0x00007f0b7717e9d7 in SwEditWin::FlushInBuffer() ()
---Type <return> to continue, or q <return> to quit---
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#26 0x00007f0b77185f2e in SwEditWin::KeyInput(KeyEvent const&) ()
   from /usr/lib64/libreoffice/program/../program/libswlo.so
#27 0x00007f0b9b61a22f in ImplHandleKey(Window*, unsigned short, unsigned short, unsigned short, unsigned short, bool) () from /usr/lib64/libreoffice/program/libvcllo.so
#28 0x00007f0b9b61c885 in ImplWindowFrameProc(Window*, SalFrame*, unsigned short, void const*) ()
   from /usr/lib64/libreoffice/program/libvcllo.so
#29 0x00007f0b8f9912bc in X11SalFrame::HandleKeyEvent(XKeyEvent*) ()
   from /usr/lib64/libreoffice/program/libvclplug_genlo.so
#30 0x00007f0b8f9920e7 in X11SalFrame::Dispatch(_XEvent*) ()
   from /usr/lib64/libreoffice/program/libvclplug_genlo.so
#31 0x00007f0b8f9556f8 in SalX11Display::Dispatch(_XEvent*) ()
   from /usr/lib64/libreoffice/program/libvclplug_genlo.so
#32 0x00007f0b92313aaf in SalKDEDisplay::checkDirectInputEvent(_XEvent*) ()
   from /usr/lib64/libreoffice/program/libvclplug_kde4lo.so
#33 0x00007f0b92313b31 in SalKDEDisplay::Yield() ()
   from /usr/lib64/libreoffice/program/libvclplug_kde4lo.so
#34 0x00007f0b8f954805 in DisplayYield(int, SalX11Display*) ()
   from /usr/lib64/libreoffice/program/libvclplug_genlo.so
#35 0x00007f0b92318e06 in KDEXLib::socketNotifierActivated(int) ()
   from /usr/lib64/libreoffice/program/libvclplug_kde4lo.so
#36 0x00007f0b9231aaaf in KDEXLib::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) ()
   from /usr/lib64/libreoffice/program/libvclplug_kde4lo.so
#37 0x00007f0b900838da in QMetaObject::activate (sender=sender@entry=0x758b90, 
    m=m@entry=0x7f0b903d3980 <QSocketNotifier::staticMetaObject>, 
---Type <return> to continue, or q <return> to quit---
    local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fff6642c5e0)
    at kernel/qobject.cpp:3547
#38 0x00007f0b900cf0fe in QSocketNotifier::activated (this=this@entry=0x758b90, _t1=10)
    at .moc/release-shared/moc_qsocketnotifier.cpp:102
#39 0x00007f0b9008c81b in QSocketNotifier::event (this=0x758b90, e=0x7fff6642c910)
    at kernel/qsocketnotifier.cpp:316
#40 0x00007f0b9059f1ec in QApplicationPrivate::notify_helper (this=this@entry=0x7404e0, 
    receiver=receiver@entry=0x758b90, e=e@entry=0x7fff6642c910) at kernel/qapplication.cpp:4562
#41 0x00007f0b905a59a0 in QApplication::notify (this=this@entry=0x7386e0, 
    receiver=receiver@entry=0x758b90, e=e@entry=0x7fff6642c910) at kernel/qapplication.cpp:4348
#42 0x00007f0b9177750a in KApplication::notify (this=0x7386e0, receiver=0x758b90, event=0x7fff6642c910)
    at /var/tmp/portage/kde-base/kdelibs-4.14.1/work/kdelibs-4.14.1/kdeui/kernel/kapplication.cpp:311
#43 0x00007f0b9006f7fd in QCoreApplication::notifyInternal (this=0x7386e0, receiver=0x758b90, 
    event=event@entry=0x7fff6642c910) at kernel/qcoreapplication.cpp:949
#44 0x00007f0b9009db36 in sendEvent (event=0x7fff6642c910, receiver=<optimized out>)
    at kernel/qcoreapplication.h:231
#45 socketNotifierSourceDispatch (source=0x741f80) at kernel/qeventdispatcher_glib.cpp:117
#46 0x00007f0b945fdbe4 in g_main_dispatch (context=0x740f80)
    at /var/tmp/portage/dev-libs/glib-2.40.0-r1/work/glib-2.40.0/glib/gmain.c:3064
#47 g_main_context_dispatch (context=context@entry=0x740f80)
    at /var/tmp/portage/dev-libs/glib-2.40.0-r1/work/glib-2.40.0/glib/gmain.c:3663
#48 0x00007f0b945fde28 in g_main_context_iterate (context=context@entry=0x740f80, block=block@entry=1, 
    dispatch=dispatch@entry=1, self=<optimized out>)
    at /var/tmp/portage/dev-libs/glib-2.40.0-r1/work/glib-2.40.0/glib/gmain.c:3734
#49 0x00007f0b945fdecc in g_main_context_iteration (context=0x740f80, may_block=1)
---Type <return> to continue, or q <return> to quit---
    at /var/tmp/portage/dev-libs/glib-2.40.0-r1/work/glib-2.40.0/glib/gmain.c:3795
#50 0x00007f0b9009cdee in QEventDispatcherGlib::processEvents (this=0x741260, flags=...)
    at kernel/qeventdispatcher_glib.cpp:450
#51 0x00007f0b9063d6a6 in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...)
    at kernel/qguieventdispatcher_glib.cpp:204
#52 0x00007f0b92318ab9 in KDEXLib::processYield(bool, bool) ()
   from /usr/lib64/libreoffice/program/libvclplug_kde4lo.so
#53 0x00007f0b9b7f2b4e in Application::Yield() () from /usr/lib64/libreoffice/program/libvcllo.so
#54 0x00007f0b9b7f2be5 in Application::Execute() () from /usr/lib64/libreoffice/program/libvcllo.so
#55 0x00007f0b9ff00c73 in desktop::Desktop::Main() ()
   from /usr/lib64/libreoffice/program/libsofficeapp.so
#56 0x00007f0b9b7f7301 in ImplSVMain() () from /usr/lib64/libreoffice/program/libvcllo.so
#57 0x00007f0b9b7f7322 in SVMain() () from /usr/lib64/libreoffice/program/libvcllo.so
#58 0x00007f0b9ff24315 in soffice_main () from /usr/lib64/libreoffice/program/libsofficeapp.so
#59 0x000000000040074b in main ()
(gdb)

Comment 1 Caolán McNamara 2014-10-08 08:35:50 UTC

Not happening for me unfortunately.

a) is view->non.printing.characters on or off, does it make a difference if its on or off ?
b) what's the output of fc-match -v Arial ?

Comment 2 Andreas K. Hüttel 2014-10-08 09:44:25 UTC

(In reply to Caolán McNamara from comment #1)
> Not happening for me unfortunately.
> 
> a) is view->non.printing.characters on or off, does it make a difference if
> its on or off ?

it's on, so the non-printable characters are shown

switching it off (so the line breaks / paragraph marks are not shown anymore) does not change anything.

Changing the frontend from kde to gen or gtk also does not change anything.

> b) what's the output of fc-match -v Arial ?

huettel@porto ~ $ fc-match -v Arial
Pattern has 34 elts (size 48)
        family: "Arial"(s)
        familylang: "en"(s)
        style: "Normal"(w) "obyčejné"(w) "Standard"(w) "Κανονικά"(w) "Regular"(w) "Normaali"(w) "Normál"(w) "Normale"(w) "Standaard"(w) "Normalny"(w) "Обычный"(w) "Normálne"(w) "Navadno"(w) "thường"(w) "Arrunta"(w)
        stylelang: "ca"(w) "cs"(w) "de"(w) "el"(w) "en"(w) "fi"(w) "hu"(w) "it"(w) "nl"(w) "pl"(w) "ru"(w) "sk"(w) "sl"(w) "vi"(w) "eu"(w)
        fullname: "Arial"(w)
        fullnamelang: "en"(w)
        slant: 0(i)(s)
        weight: 80(i)(s)
        width: 100(i)(s)
        size: 12(f)(s)
        pixelsize: 12.5(f)(s)
        foundry: "monotype"(s)
        hintstyle: 3(i)(s)
        hinting: True(s)
        verticallayout: False(s)
        autohint: False(s)
        globaladvance: True(s)
        file: "/usr/share/fonts/windows/arial.ttf"(s)
        index: 0(i)(s)
        outline: True(s)
        scalable: True(s)
        dpi: 75(f)(s)
        scale: 1(f)(s)
        charset: 
        0000: 00000000 ffffffff ffffffff 7fffffff 00000000 ffffffff ffffffff ffffffff
        0001: ffffffff ffffffff ffffffff ffffffff 00048000 00018003 1fffe000 fc000000
        0002: 00000000 00000000 02000000 00000000 00000000 00000000 3f0002c0 00000000
        0003: 0000020b 00000008 00000000 40000000 ffffd7f0 fffffffb 00007fff 00000000
        0004: ffffdffe ffffffff dffeffff 00000000 3ccf0000 0f0fc00c 03000000 00000300
        0005: 00000000 00000000 00000000 00000000 00000000 ffff0000 ffff000f 001f07ff
        0006: 88001000 07fffffe 003fffff ffffffff ffffffff ffffffff ffffffff 7fff3fff
        001e: 00000000 00000000 00000000 00000000 0000003f ffffffff ffffffff 03ffffff
        0020: 7fb8f000 560d7c47 00000010 8000fc00 00000000 00001c98 00000000 00000000
        0021: 00480020 00004044 78180000 00000000 003f0000 00000100 00000000 00000000
        0022: c6268044 00000a00 00000100 00000033 00000000 00000000 00000000 00000000
        0023: 00010004 00000003 00000000 00000000 00000000 00000000 00000000 00000000
        0025: 11111005 10101010 ffff0000 00001fff 000f1111 14041c03 03008c10 00000040
        0026: 00000000 1c000000 00000005 00000c69 00000000 00000000 00000000 00000000
        00e8: 0100003e 04000000 00000000 00000000 00000000 00000000 00000000 00000000
        00f0: fffffff6 0003ffff 00000000 00000000 00000000 00000000 00000000 00000000
        00fb: e0000006 5f7ffc01 ffffffdb ffffffff ffffffff 0003ffff fff80000 f00000ff
        00fc: 00000000 00000000 c0000000 00000007 00000000 00000000 00000000 00000000
        00fd: 00000000 c0000000 00000000 00000000 00000000 00000000 00000000 00040000
        00fe: 00000000 00000000 00000000 00000000 ffffffff ffffffff ffffffff 1fffffff
        00ff: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 10000000
(s)
        lang: aa|af|ar|av|ay|az-az|az-ir|be|bg|bi|bin|br|bs|bua|ca|ce|ch|co|cs|cy|da|de|el|en|eo|es|et|eu|fa|fi|fj|fo|fr|fur|fy|gd|gl|gn|gv|he|ho|hr|hu|ia|ig|id|ie|ik|io|is|it|kaa|ki|kk|kl|ku-ir|kum|ky|la|lb|lez|lt|lv|mg|mh|mt|nb|nds|nl|nn|no|nr|nso|ny|oc|om|os|pl|ps-af|ps-pk|pt|rm|ru|se|sel|sk|sl|sma|smj|smn|so|sq|sr|ss|st|sv|sw|tk|tl|tn|tr|ts|tt|tyv|ug|uk|ur|uz|vo|vot|wa|wen|wo|xh|yap|yi|zu|an|crh|csb|fil|hsb|ht|jv|kj|ku-iq|ku-tr|kwm|lg|li|mn-mn|ms|na|ng|ota|pa-pk|pap-an|pap-aw|rn|rw|sc|sd|sg|sn|su|za|lah(s)
        fontversion: 196608(i)(s)
        capability: "otlayout:arab"(s)
        fontformat: "TrueType"(s)
        embeddedbitmap: True(s)
        decorative: False(s)
        namelang: "de"(s)
        prgname: "fc-match"(s)
        hash: "sha256:413c78f91bd39e134f3c0bb204b1d5a90f29df9efddc8fd26950a178058d5d74"(s)
        postscriptname: "ArialMT"(s)

Comment 3 Caolán McNamara 2014-10-09 13:20:25 UTC

Ah, that's why I can't reproduce it. It got fixed since 4.3.1

*** This bug has been marked as a duplicate of bug 78906 ***