Issue 102420

Summary:

Crash on openning rtf file

Product:

Writer

Reporter:

wsouzant <wsouzant>

Component:

open-import

Assignee:

AOO issues mailing list <issues>

Status:

ACCEPTED ---

QA Contact:

Severity:

Trivial

Priority:

CC:

hanya.runo, issues, kpalagin

Version:

OOO310m9

Keywords:

crash, regression

Target Milestone:

---

Hardware:

All

OS:

All

Issue Type:

DEFECT

Latest Confirmation in:

---

Developer Difficulty:

---

Attachments:

Description	Flags
The file said in the email	none

Description wsouzant 2009-06-01 22:25:45 UTC

Hello, when i try to open de rtf file that is attached the error raises

*** glibc detected *** /usr/lib/openoffice/program/soffice.bin: realloc():
invalid next size: 0x088f3120 ***
======= Backtrace: =========
/lib/libc.so.6[0xb7b81370]
/lib/libc.so.6[0xb7b846f6]
/lib/libc.so.6(realloc+0xf8)[0xb7b85898]
/usr/lib/openoffice/program/../basis-link/ure-link/lib/libuno_sal.so.3(rtl_reallocateMemory+0x1d)[0xb7de53da]
/usr/lib/openoffice/program/../basis-link/program/libsvlli.so(_ZN8SvPtrarr7_resizeEj+0x3a)[0xb7377fd6]
/usr/lib/openoffice/program/../basis-link/program/libsvlli.so(_ZN8SvPtrarr6InsertERKPvt+0x3d)[0xb73789c1]
/usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN11SwSttNdPtrs6InsertERPK11SwStartNodet+0x22)[0xad459e6e]
/usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN7SwNodes10_MoveNodesERK11SwNodeRangeRS_RK11SwNodeIndexh+0xe7c)[0xad4592ae]
/usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN5SwDoc4MoveER11SwNodeRangeR11SwNodeIndexN26IDocumentContentOperations11SwMoveFlagsE+0x254)[0xad3e8c94]
/usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN11SwRTFParser12SetFlysInDocEv+0x685)[0xad632bcd]
/usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN11SwRTFParser8ContinueEi+0x721)[0xad645d2f]
/usr/lib/openoffice/program/../basis-link/program/libsvtli.so(_ZN11SvRTFParser10CallParserEv+0x90)[0xb71be188]
/usr/lib/openoffice/program/../basis-link/program/libsvxli.so(_ZN12SvxRTFParser10CallParserEv+0xaa)[0xaf172d2e]
/usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN11SwRTFParser10CallParserEv+0x64)[0xad63b598]
/usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN9RtfReader4ReadER5SwDocRK6StringR5SwPaMS4_+0x123)[0xad642235]
/usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN8SwReader4ReadERK6Reader+0x2f0)[0xad5c975a]
/usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN10SwDocShell11ConvertFromER9SfxMedium+0xda)[0xad72d812]
/usr/lib/openoffice/program/../basis-link/program/libsfxli.so(_ZN14SfxObjectShell6DoLoadEP9SfxMedium+0x13a7)[0xb7637de3]
/usr/lib/openoffice/program/../basis-link/program/libsfxli.so(_ZN12SfxBaseModel4loadERKN3com3sun4star3uno8SequenceINS2_5beans13PropertyValueEEE+0x1dc)[0xb766dede]
/usr/lib/openoffice/program/../basis-link/program/libsfxli.so(_ZN19SfxFrameLoader_Impl4loadERKN3com3sun4star3uno8SequenceINS2_5beans13PropertyValueEEERKNS3_9ReferenceINS2_5frame6XFrameEEE+0x1aff)[0xb76a1433]
/usr/lib/openoffice/program/../basis-link/program/libfwkli.so[0xafa2721b]
/usr/lib/openoffice/program/../basis-link/program/libfwkli.so[0xafa2748c]
/usr/lib/openoffice/program/../basis-link/program/libfwkli.so[0xafa21e10]
/usr/lib/openoffice/program/../basis-link/program/libfwkli.so[0xafa220fc]
/usr/lib/openoffice/program/../basis-link/program/libcomphelp4gcc3.so(_ZN10comphelper19SynchronousDispatch8dispatchERKN3com3sun4star3uno9ReferenceINS4_10XInterfaceEEERKN3rtl8OUStringESD_lRKNS4_8SequenceINS3_5beans13PropertyValueEEE+0x18d)[0xb7a309b1]
/usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so[0xb7d92342]
/usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so[0xb7da1444]
/usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so[0xb7d8024c]
/usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so[0xb7d80589]
/usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so[0xb7d80631]
/usr/lib/openoffice/program/../basis-link/program/libvclli.so(_ZNK4Link4CallEPv+0x1b)[0xb65a541f]
/usr/lib/openoffice/program/../basis-link/program/libvclli.so(_Z19ImplWindowFrameProcP6WindowP8SalFrametPKv+0xcc0)[0xb675e3d4]
/usr/lib/openoffice/basis3.0/program/libvclplug_genli.so(_ZNK8SalFrame12CallCallbackEtPKv+0x21)[0xb42b080b]
/usr/lib/openoffice/basis3.0/program/libvclplug_genli.so(_ZN10SalDisplay21DispatchInternalEventEv+0x74)[0xb42e0446]
/usr/lib/openoffice/basis3.0/program/libvclplug_gtkli.so(_ZN7GtkXLib11userEventFnEPv+0x95)[0xb46eec89]
/usr/lib/openoffice/basis3.0/program/libvclplug_gtkli.so(call_userEventFn+0x1a)[0xb46eee04]
/usr/lib/libglib-2.0.so.0[0xb4a0e341]
/usr/lib/libglib-2.0.so.0(g_main_context_dispatch+0x17b)[0xb4a0ff1b]
/usr/lib/libglib-2.0.so.0[0xb4a1341f]
/usr/lib/libglib-2.0.so.0(g_main_context_iteration+0x77)[0xb4a13997]
/usr/lib/openoffice/basis3.0/program/libvclplug_gtkli.so(_ZN7GtkXLib5YieldEbb+0x94)[0xb46eed3e]
/usr/lib/openoffice/basis3.0/program/libvclplug_genli.so(_ZN14X11SalInstance5YieldEbb+0x2f)[0xb42e60f5]
/usr/lib/openoffice/program/../basis-link/program/libvclli.so(_ZN11Application5YieldEb+0x5e)[0xb65ada7e]
/usr/lib/openoffice/program/../basis-link/program/libvclli.so(_ZN11Application7ExecuteEv+0x2b)[0xb65adb47]
/usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so[0xb7d7c518]
/usr/lib/openoffice/program/../basis-link/program/libvclli.so(_Z10ImplSVMainv+0x49)[0xb65b268d]
/usr/lib/openoffice/program/../basis-link/program/libvclli.so(_Z6SVMainv+0x2d)[0xb65b27a3]
/usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so(soffice_main+0xaa)[0xb7da8982]
/usr/lib/openoffice/program/soffice.bin(main+0x20)[0x8048d84]
/lib/libc.so.6(__libc_start_main+0xdc)[0xb7b2d60c]
/usr/lib/openoffice/program/soffice.bin(__gxx_personality_v0+0x61)[0x8048ce1]
======= Memory map: ========
08048000-0804a000 r-xp 00000000 08:03 4118292   
/usr/lib/openoffice/program/soffice.bin
0804a000-0804b000 r--p 00001000 08:03 4118292   
/usr/lib/openoffice/program/soffice.bin
0804b000-0804c000 rw-p 00002000 08:03 4118292   
/usr/lib/openoffice/program/soffice.bin
08198000-08996000 rw-p 08198000 00:00 0          [heap]
aa0e1000-aa561000 rw-p aa0e1000 00:00 0 
aa561000-aa614000 r-xp 00000000 08:03 4118226   
/usr/lib/openoffice/basis3.0/program/liblocaledata_euro.so
aa614000-aa615000 r--p 000b2000 08:03 4118226   
/usr/lib/openoffice/basis3.0/program/liblocaledata_euro.so
aa615000-aa637000 rw-p 000b3000 08:03 4118226   
/usr/lib/openoffice/basis3.0/program/liblocaledata_euro.so
aa637000-aa638000 ---p aa637000 00:00 0 
aa638000-aae38000 rw-p aa638000 00:00 0 
aae38000-aaf6b000 r-xp 00000000 08:03 2297339    /usr/lib/libcrypto.so.0.9.8
aaf6b000-aaf73000 r--p 00132000 08:03 2297339    /usr/lib/libcrypto.so.0.9.8
aaf73000-aaf81000 rw-p 0013a000 08:03 2297339    /usr/lib/libcrypto.so.0.9.8
aaf81000-aaf85000 rw-p aaf81000 00:00 0 
aaf85000-aafc6000 r-xp 00000000 08:03 2297342    /usr/lib/libssl.so.0.9.8
aafc6000-aafc7000 r--p 00040000 08:03 2297342    /usr/lib/libssl.so.0.9.8
aafc7000-aafca000 rw-p 00041000 08:03 2297342    /usr/lib/libssl.so.0.9.8
aafca000-aaffe000 r-xp 00000000 08:03 3213919    /usr/lib/libcups.so.2
aaffe000-aafff000 r--p 00034000 08:03 3213919    /usr/lib/libcups.so.2
aafff000-ab000000 rw-p 00035000 08:03 3213919    /usr/lib/libcups.so.2
ab000000-ab021000 rw-p ab000000 00:00 0 
ab021000-ab100000 ---p ab021000 00:00 0 
ab107000-ab117000 rw-p ab107000 00:00 0 
ab117000-ab126000 r--s 00000000 08:03 384597    
/usr/share/fonts/ttf-bitstream-vera/VeraBd.ttf
ab126000-ab127000 ---p ab126000 00:00 0 
ab127000-ab927000 rw-p ab127000 00:00 0 
ab927000-ab928000 ---p ab927000 00:00 0 
ab928000-ac128000 rw-p ab928000 00:00 0 
ac128000-ac13c000 r-xp 00000000 08:03 4117585   
/usr/lib/openoffice/basis3.0/program/vbaeventsli.uno.so
ac13c000-ac13d000 r--p 00013000 08:03 4117585   
/usr/lib/openoffice/basis3.0/program/vbaeventsli.uno.so
ac13d000-ac13e000 rw-p 00014000 08:03 4117585   
/usr/lib/openoffice/basis3.0/program/vbaeventsli.uno.so
ac13e000-ac18f000 r--s 00000000 08:03 1704453   
/usr/share/fonts/corefonts/times.ttf
ac18f000-ac1df000 r-xp 00000000 08:03 4118259   
/usr/lib/openoffice/basis3.0/program/libunoxmlli.so
ac1df000-ac1e7000 r--p 0004f000 08:03 4118259   
/usr/lib/openoffice/basis3.0/program/libunoxmlli.so
ac1e7000-ac1e8000 rw-p 00057000 08:03 4118259   
/usr/lib/openoffice/basis3.0/program/libunoxmlli.so
ac1e8000-ac205000 r-xp 00000000 08:03 4118224   
/usr/lib/openoffice/basis3.0/program/liblocaledata_en.so
ac205000-ac206000 r--p 0001c000 08:03 4118224   
/usr/lib/openoffice/basis3.0/program/liblocaledata_en.so
ac206000-ac20b000 rw-p 0001d000 08:03 4118224   
/usr/lib/openoffice/basis3.0/program/liblocaledata_en.so
ac20b000-ac397000 r-xp 00000000 08:03 2511438    /usr/lib/libicui18n.so.40.1
ac397000-ac39c000 r--p 0018c000 08:03 2511438    /usr/lib/libicui18n.so.40.1
ac39c000-ac39e000 rw-p 00191000 08:03 2511438    /usr/lib/libicui18n.so.40.1
ac3ab000-ac3bb000 rw-p ac3ab000 00:00 0 
ac3bb000-ac4f3000 r-xp 00000000 08:03 4118217   
/usr/lib/openoffice/basis3.0/program/i18npool.uno.so
ac4f3000-ac500000 r--p 00138000 08:03 4118217   
/usr/lib/openoffice/basis3.0/program/i18npool.uno.so
ac500000-ac503000 rw-p 00145000 08:03 4118217   
/usr/lib/openoffice/basis3.0/program/i18npool.uno.so
ac503000-ac515000 rw-p ac503000 00:00 0 
ac515000-ac516000 ---p ac515000 00:00 0 
ac516000-acd16000 rw-p ac516000 00:00 0 
acd16000-ad9cb000 r-xp 00000000 08:03 4120734   
/usr/lib/openoffice/basis3.0/program/libswli.so
ad9cb000-ada06000 r--p 00cb4000 08:03 4120734   
/usr/lib/openoffice/basis3.0/program/libswli.so
ada06000-ada39000 rw-p 00cef000 08:03 4120734   
/usr/lib/openoffice/basis3.0/program/libswli.so
ada39000-ada3b000 rw-p ada39000 00:00 0 
ada3b000-ada3c000 ---p ada3b000 00:00 0 
ada3c000-ae23c000 rw-p ada3c000 00:00 0 
ae23c000-ae26e000 r-xp 00000000 08:03 412073

Comment 1 wsouzant 2009-06-01 22:27:30 UTC

Created attachment 62692 [details]
The file said in the email

Comment 2 Joost Andrae 2009-06-02 14:00:53 UTC

On Solaris x86 the document hangs whilst loading. I've checked this in
OOO310_m11. Reassigning issue to hbr. Please have a look

Comment 3 jbf.faure 2009-06-02 20:58:15 UTC

Tested with OOo 3.1.0 FR/US on Ubuntu 8.04 : freeze with 100% CPU. Need to kill
soffice process.

Comment 4 kpalagin 2009-06-05 13:10:34 UTC

2.4.1 opens just fine, 3.0.0 loops.

Comment 5 Martin Hollmichel 2009-08-04 16:14:51 UTC

reassign target and set target

Comment 6 Martin Hollmichel 2009-08-04 20:42:08 UTC

reassign

Comment 7 openoffice 2009-08-05 16:50:33 UTC

@wsouzant: The attached RTF file looks quite strange. There are lots of RTF
commands written like "\ command". The structure of "{"s and and "}"s seems to
be incoherent as well. Do you know which tool generated the RTF?

Saving with Word 2007 to RTF and loading the result with DEV300_m53 does not get
rid of the loop.

Comment 8 openoffice 2009-08-11 15:23:56 UTC

Analysis: Some of the tools I used seem to have mixed up my rtf file and caused the strange rtf I mentioned earlier.
A reduced rtf file, containing only the first table, loops, too.

Comment 9 Risto Jääskeläinen 2010-01-15 10:34:37 UTC

OpenOffice.org 3.2 RC2 hang when I try open file 10266-2-2.rtf.  When same file
is first saved with WordPad, it can be opened with Openoffice.org with text
layout somewhat distorted. 

With best regard
Risto

Comment 10 openoffice 2010-02-02 13:26:55 UTC

started

Comment 11 openoffice 2010-08-25 12:22:25 UTC

Analysis in DEV300_m86:

Loops in SwNodes::_MoveNodes at nodes.cxx called from SwDoc::MoveNodeRange at docedt.cxx:1203

Comment 12 Mathias_Bauer 2011-02-17 15:18:04 UTC

According to our new regression issue handling for the 3.4 relrease the field
priority is now used as the order we want to work on them, no longer as a
"severity". The high number of regressions in the WW8 filters makes it necessary
to prioritize them as we won't be able to fix all of them for 3.4. We decided to
first focus on the export. Thus most regressions in the import filter now get
priority "P4", what means that they will be reevaluated in the next release cycle.

Comment 13 hanya 2014-01-27 13:30:06 UTC

No crash with the file attached in Comment 1 on 4.0.1 and 4.1.0-dev.

Comment 14 Marcus 2017-05-20 10:45:27 UTC

Reset the assignee to the default "issues@openoffice.apache.org".