desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #130820
[Bug 1350369] Re: [Upstream] soffice.bin crashed with SIGSEGV in _SaveBox::CreateNew()
Launchpad has imported 16 comments from the remote bug at
https://bugs.documentfoundation.org/show_bug.cgi?id=81806.
If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.launchpad.net/InterBugTracking.
------------------------------------------------------------------------
On 2014-07-27T13:10:48+00:00 Fdbugs-a wrote:
Created attachment 103543
Writer document which demonstrates the crash
Paste/undo actions in tables with merged cells cause document corruption
and crashes
Observed on OSX with LO 4.2.5.2. Other platforms unknown
Steps to reproduce
1. Load the attached Writer document
(which contains a 3x3 table in which A2:A3 and B2:C2 are merged cells, and the letters "a" "b" and "c" are placed in cells C1, B2 and C3 respectively)
2. Select and cut the range C1:C3 (the three cells containing the "a" "b" and "c")
3. Place the cursor in cell B2
4. Repeatedly paste then undo
Result
Despite the fact that the selection is unchanged, and the cursor is not moved, the three charaters are placed differently in each paste-undo cycle. After a couple of cycles, the table structure is corrupted and LO crashes
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/1
------------------------------------------------------------------------
On 2014-07-27T13:12:07+00:00 Fdbugs-a wrote:
Created attachment 103544
Crash dump
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/3
------------------------------------------------------------------------
On 2014-07-30T14:12:28+00:00 Fdbugs-a wrote:
Still occurs in 4.3.0.4 release
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/7
------------------------------------------------------------------------
On 2014-07-31T08:11:23+00:00 Jay wrote:
Dear Matthew,
Thank you for submitting the bug. I can confirm that the bug is
available in 3.3.0, 3.6.7, 4.2.5, and 4.3.1. It will crash between 2 to
4 paste and undo cycles.
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/16
------------------------------------------------------------------------
On 2014-07-31T08:11:49+00:00 Jay wrote:
Created attachment 103729
linux backtrace
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/18
------------------------------------------------------------------------
On 2014-08-21T12:21:06+00:00 Björn Michaelsen wrote:
(This is an automated message.)
LibreOffice development currently prioritizes bugs with the so called
MAB (most annoying bugs) -- as this bug has not run through that process
(including writing a short rationale for this bug being a candidate and
other who are watching the tracker bug silently approving that rationale
etc.) its priority is set to high. Note this is effectively no change in
the urgency assigned to this bug, as we are currently not making a
difference between high and highest and severity is untouched.
You can find out more about MABs and how the process works by contacting
libreoffice qa on irc:
http://webchat.freenode.net/?channels=libreoffice-qa
The QA wiki page also gives you hints on how to get in contact with the
team (if IRC fails you, your next best choice is the mailing list):
https://wiki.documentfoundation.org/QA
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/22
------------------------------------------------------------------------
On 2014-11-17T04:07:22+00:00 Vstuart-foote wrote:
Created attachment 109584
Linux dbg bt of TB45 dbg build with symbols and source refs
Backtrace with recent 32-bit Linux TB45-debug build
On Fedora 20, 32-bit en-US with debug build
Version: 4.4.0.0.alpha1+
Build ID: d59b9b4af36148e4d8df8f3e3492116d378642e2
TinderBox: Linux-rpm_deb-x86@45-TDF-dbg, Branch:master, Time: 2014-11-06_03:11:43
SIGABRT crash, assertion while finding pointer position
pBlock->pData[ nOffset... BigPtrEntry::GetPos()
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/27
------------------------------------------------------------------------
On 2014-11-20T03:25:48+00:00 Gquigs+bugs wrote:
You can reproduce the basic issue with an even simpler document:
1. Insert Table with 2 columns, 1 row
2. Type a in column 1, b in column 2
3. Highlight and cut
4. GO to column2, paste (note how it just shows a
5. Undo
6. Paste again (now it shows a and b!)
This simple case doesn't seem to crash, but does likely show the
underlying bug. A similar issue happens if you do 1 column, 2 rows.
The first paste adds a new row. The undo removes it and then a and b
are both pasted in the same 2nd row.
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/29
------------------------------------------------------------------------
On 2014-11-20T03:26:23+00:00 Gquigs+bugs wrote:
*** Bug 81923 has been marked as a duplicate of this bug. ***
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/32
------------------------------------------------------------------------
On 2014-11-28T09:45:20+00:00 Björn Michaelsen wrote:
(This is an automated message.)
Setting priority to highest as this is a MAB. This is part of an effort
to make the importance of MAB reflected in priority too.
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/34
------------------------------------------------------------------------
On 2014-11-28T15:41:25+00:00 Vstuart-foote wrote:
issue remains with 4.3 and 4.4 builds. Moving to mab4.3
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/36
------------------------------------------------------------------------
On 2014-11-28T15:42:24+00:00 Vstuart-foote wrote:
try that with the correct bug id for mab4.3
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/38
------------------------------------------------------------------------
On 2015-06-16T14:07:07+00:00 Caolanm wrote:
What I see is that undo always leaves a pam that points to the start of
the undone area and a mark to the end of the undone area, even if that
area is empty. (In the normal where there is a selection this can be
seen by selecting something, deleting it, and undoing and the newly
undeleted stuff is again selected)
The table overwrite/paste thing looks to see if a mark is set and goes
off to "do something very complex" if its set. So if after each undo
cycle, you physically click at the point where the cursor is flashing
(which clears the mark) and then paste, undo, *click*, paste you get a
wonderfully stable experience.
So it seems reasonable to me to "do the simple thing" if there is no
mark, or if the mark and point are the same, i.e. there is nothing
actually selected by the PaM.
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/39
------------------------------------------------------------------------
On 2015-06-16T19:20:22+00:00 Libreoffice-commits wrote:
Caolán McNamara committed a patch related to this issue.
It has been pushed to "master":
http://cgit.freedesktop.org/libreoffice/core/commit/?id=e06905df15ff03c6d3c84f61bd67860a91416c2d
Resolves: tdf#81806 crash on certain table paste+undo+page cycles
It will be available in 5.1.0.
The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/40
------------------------------------------------------------------------
On 2015-06-16T19:25:13+00:00 Libreoffice-commits wrote:
Caolán McNamara committed a patch related to this issue.
It has been pushed to "libreoffice-5-0":
http://cgit.freedesktop.org/libreoffice/core/commit/?id=5fbf5b10ca45528a075aba5d5f8e3f6af08c287f&h=libreoffice-5-0
Resolves: tdf#81806 crash on certain table paste+undo+page cycles
It will be available in 5.0.0.1.
The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/41
------------------------------------------------------------------------
On 2015-06-18T20:38:34+00:00 Libreoffice-commits wrote:
Caolán McNamara committed a patch related to this issue.
It has been pushed to "libreoffice-4-4":
http://cgit.freedesktop.org/libreoffice/core/commit/?id=ff6fb90179f1aa70e9d83bf4d90848fa13ff87db&h=libreoffice-4-4
Resolves: tdf#81806 crash on certain table paste+undo+page cycles
It will be available in 4.4.5.
The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Reply at:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1350369/comments/43
** Changed in: df-libreoffice
Status: Unknown => Fix Released
** Changed in: df-libreoffice
Importance: Unknown => Critical
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice in Ubuntu.
https://bugs.launchpad.net/bugs/1350369
Title:
[Upstream] soffice.bin crashed with SIGSEGV in _SaveBox::CreateNew()
Status in LibreOffice Productivity Suite:
Fix Released
Status in libreoffice package in Ubuntu:
Fix Released
Bug description:
Was trying to reproduce this bug:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/64295 I've
caused an outright crash.
Open document
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/64295/+attachment/18400/+files/20061006_final_pres_handout.odt
1. Put cursor at box under "Joe Selects Option A"
1. Edit -> Select All (which should select the whole table)
2. Copy
3. Put cursor at box under "Joe Selects Option A"
4. Paste
5. Undo
6. Paste
7. Undo (note how items are left)
8. Paste
9. Undo (crashes)
The cursor might also move around during the above.
ProblemType: Crash
DistroRelease: Ubuntu 14.10
Package: libreoffice-core 1:4.2.4-0ubuntu4
Uname: Linux 3.16.0-999-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.14.5-0ubuntu1
Architecture: amd64
CurrentDesktop: Unity
Date: Wed Jul 30 10:07:36 2014
ExecutablePath: /usr/lib/libreoffice/program/soffice.bin
InstallationDate: Installed on 2014-04-27 (93 days ago)
InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417)
ProcCmdline: /usr/lib/libreoffice/program/soffice.bin --writer /tmp/20061006_final_pres_handout.odt --splash-pipe=5
SegvAnalysis:
Segfault happened at: 0x7f9664eeccaa <_SaveBox::CreateNew(SwTable&, SwTableLine&, _SaveTable&)+74>: mov 0x18(%rax),%r15
PC (0x7f9664eeccaa) ok
source "0x18(%rax)" (0x00000018) not located in a known VMA region (needed readable region)!
destination "%r15" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: libreoffice
StacktraceTop:
_SaveBox::CreateNew (this=0x2bf5b20, rTbl=..., rParent=..., rSTbl=...) at /build/buildd/libreoffice-4.2.4/sw/inc/swtable.hxx:417
_SaveBox::CreateNew (this=0x29fda30, rTbl=..., rParent=..., rSTbl=...) at /build/buildd/libreoffice-4.2.4/sw/source/core/undo/untbl.cxx:1369
_SaveBox::CreateNew (this=0x220b6e0, rTbl=..., rParent=..., rSTbl=...) at /build/buildd/libreoffice-4.2.4/sw/source/core/undo/untbl.cxx:1369
_SaveBox::CreateNew (this=0x29f7360, rTbl=..., rParent=..., rSTbl=...) at /build/buildd/libreoffice-4.2.4/sw/source/core/undo/untbl.cxx:1369
_SaveLine::CreateNew (this=0x2be65c0, rTbl=..., rParent=..., rSTbl=...) at /build/buildd/libreoffice-4.2.4/sw/source/core/undo/untbl.cxx:1196
Title: soffice.bin crashed with SIGSEGV in _SaveBox::CreateNew()
UpgradeStatus: Upgraded to utopic on 2014-07-20 (9 days ago)
UserGroups: adm cdrom debian-tor dip disk libvirtd lpadmin plugdev sambashare sudo
To manage notifications about this bug go to:
https://bugs.launchpad.net/df-libreoffice/+bug/1350369/+subscriptions
