Apache OpenOffice (AOO) Bugzilla – Issue 102420
Crash on openning rtf file
Last modified: 2017-05-20 10:45:27 UTC
Hello, when i try to open de rtf file that is attached the error raises *** glibc detected *** /usr/lib/openoffice/program/soffice.bin: realloc(): invalid next size: 0x088f3120 *** ======= Backtrace: ========= /lib/libc.so.6[0xb7b81370] /lib/libc.so.6[0xb7b846f6] /lib/libc.so.6(realloc+0xf8)[0xb7b85898] /usr/lib/openoffice/program/../basis-link/ure-link/lib/libuno_sal.so.3(rtl_reallocateMemory+0x1d)[0xb7de53da] /usr/lib/openoffice/program/../basis-link/program/libsvlli.so(_ZN8SvPtrarr7_resizeEj+0x3a)[0xb7377fd6] /usr/lib/openoffice/program/../basis-link/program/libsvlli.so(_ZN8SvPtrarr6InsertERKPvt+0x3d)[0xb73789c1] /usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN11SwSttNdPtrs6InsertERPK11SwStartNodet+0x22)[0xad459e6e] /usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN7SwNodes10_MoveNodesERK11SwNodeRangeRS_RK11SwNodeIndexh+0xe7c)[0xad4592ae] /usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN5SwDoc4MoveER11SwNodeRangeR11SwNodeIndexN26IDocumentContentOperations11SwMoveFlagsE+0x254)[0xad3e8c94] /usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN11SwRTFParser12SetFlysInDocEv+0x685)[0xad632bcd] /usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN11SwRTFParser8ContinueEi+0x721)[0xad645d2f] /usr/lib/openoffice/program/../basis-link/program/libsvtli.so(_ZN11SvRTFParser10CallParserEv+0x90)[0xb71be188] /usr/lib/openoffice/program/../basis-link/program/libsvxli.so(_ZN12SvxRTFParser10CallParserEv+0xaa)[0xaf172d2e] /usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN11SwRTFParser10CallParserEv+0x64)[0xad63b598] /usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN9RtfReader4ReadER5SwDocRK6StringR5SwPaMS4_+0x123)[0xad642235] /usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN8SwReader4ReadERK6Reader+0x2f0)[0xad5c975a] /usr/lib/openoffice/program/../basis-link/program/libswli.so(_ZN10SwDocShell11ConvertFromER9SfxMedium+0xda)[0xad72d812] /usr/lib/openoffice/program/../basis-link/program/libsfxli.so(_ZN14SfxObjectShell6DoLoadEP9SfxMedium+0x13a7)[0xb7637de3] /usr/lib/openoffice/program/../basis-link/program/libsfxli.so(_ZN12SfxBaseModel4loadERKN3com3sun4star3uno8SequenceINS2_5beans13PropertyValueEEE+0x1dc)[0xb766dede] /usr/lib/openoffice/program/../basis-link/program/libsfxli.so(_ZN19SfxFrameLoader_Impl4loadERKN3com3sun4star3uno8SequenceINS2_5beans13PropertyValueEEERKNS3_9ReferenceINS2_5frame6XFrameEEE+0x1aff)[0xb76a1433] /usr/lib/openoffice/program/../basis-link/program/libfwkli.so[0xafa2721b] /usr/lib/openoffice/program/../basis-link/program/libfwkli.so[0xafa2748c] /usr/lib/openoffice/program/../basis-link/program/libfwkli.so[0xafa21e10] /usr/lib/openoffice/program/../basis-link/program/libfwkli.so[0xafa220fc] /usr/lib/openoffice/program/../basis-link/program/libcomphelp4gcc3.so(_ZN10comphelper19SynchronousDispatch8dispatchERKN3com3sun4star3uno9ReferenceINS4_10XInterfaceEEERKN3rtl8OUStringESD_lRKNS4_8SequenceINS3_5beans13PropertyValueEEE+0x18d)[0xb7a309b1] /usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so[0xb7d92342] /usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so[0xb7da1444] /usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so[0xb7d8024c] /usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so[0xb7d80589] /usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so[0xb7d80631] /usr/lib/openoffice/program/../basis-link/program/libvclli.so(_ZNK4Link4CallEPv+0x1b)[0xb65a541f] /usr/lib/openoffice/program/../basis-link/program/libvclli.so(_Z19ImplWindowFrameProcP6WindowP8SalFrametPKv+0xcc0)[0xb675e3d4] /usr/lib/openoffice/basis3.0/program/libvclplug_genli.so(_ZNK8SalFrame12CallCallbackEtPKv+0x21)[0xb42b080b] /usr/lib/openoffice/basis3.0/program/libvclplug_genli.so(_ZN10SalDisplay21DispatchInternalEventEv+0x74)[0xb42e0446] /usr/lib/openoffice/basis3.0/program/libvclplug_gtkli.so(_ZN7GtkXLib11userEventFnEPv+0x95)[0xb46eec89] /usr/lib/openoffice/basis3.0/program/libvclplug_gtkli.so(call_userEventFn+0x1a)[0xb46eee04] /usr/lib/libglib-2.0.so.0[0xb4a0e341] /usr/lib/libglib-2.0.so.0(g_main_context_dispatch+0x17b)[0xb4a0ff1b] /usr/lib/libglib-2.0.so.0[0xb4a1341f] /usr/lib/libglib-2.0.so.0(g_main_context_iteration+0x77)[0xb4a13997] /usr/lib/openoffice/basis3.0/program/libvclplug_gtkli.so(_ZN7GtkXLib5YieldEbb+0x94)[0xb46eed3e] /usr/lib/openoffice/basis3.0/program/libvclplug_genli.so(_ZN14X11SalInstance5YieldEbb+0x2f)[0xb42e60f5] /usr/lib/openoffice/program/../basis-link/program/libvclli.so(_ZN11Application5YieldEb+0x5e)[0xb65ada7e] /usr/lib/openoffice/program/../basis-link/program/libvclli.so(_ZN11Application7ExecuteEv+0x2b)[0xb65adb47] /usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so[0xb7d7c518] /usr/lib/openoffice/program/../basis-link/program/libvclli.so(_Z10ImplSVMainv+0x49)[0xb65b268d] /usr/lib/openoffice/program/../basis-link/program/libvclli.so(_Z6SVMainv+0x2d)[0xb65b27a3] /usr/lib/openoffice/program/../basis-link/program/libsofficeapp.so(soffice_main+0xaa)[0xb7da8982] /usr/lib/openoffice/program/soffice.bin(main+0x20)[0x8048d84] /lib/libc.so.6(__libc_start_main+0xdc)[0xb7b2d60c] /usr/lib/openoffice/program/soffice.bin(__gxx_personality_v0+0x61)[0x8048ce1] ======= Memory map: ======== 08048000-0804a000 r-xp 00000000 08:03 4118292 /usr/lib/openoffice/program/soffice.bin 0804a000-0804b000 r--p 00001000 08:03 4118292 /usr/lib/openoffice/program/soffice.bin 0804b000-0804c000 rw-p 00002000 08:03 4118292 /usr/lib/openoffice/program/soffice.bin 08198000-08996000 rw-p 08198000 00:00 0 [heap] aa0e1000-aa561000 rw-p aa0e1000 00:00 0 aa561000-aa614000 r-xp 00000000 08:03 4118226 /usr/lib/openoffice/basis3.0/program/liblocaledata_euro.so aa614000-aa615000 r--p 000b2000 08:03 4118226 /usr/lib/openoffice/basis3.0/program/liblocaledata_euro.so aa615000-aa637000 rw-p 000b3000 08:03 4118226 /usr/lib/openoffice/basis3.0/program/liblocaledata_euro.so aa637000-aa638000 ---p aa637000 00:00 0 aa638000-aae38000 rw-p aa638000 00:00 0 aae38000-aaf6b000 r-xp 00000000 08:03 2297339 /usr/lib/libcrypto.so.0.9.8 aaf6b000-aaf73000 r--p 00132000 08:03 2297339 /usr/lib/libcrypto.so.0.9.8 aaf73000-aaf81000 rw-p 0013a000 08:03 2297339 /usr/lib/libcrypto.so.0.9.8 aaf81000-aaf85000 rw-p aaf81000 00:00 0 aaf85000-aafc6000 r-xp 00000000 08:03 2297342 /usr/lib/libssl.so.0.9.8 aafc6000-aafc7000 r--p 00040000 08:03 2297342 /usr/lib/libssl.so.0.9.8 aafc7000-aafca000 rw-p 00041000 08:03 2297342 /usr/lib/libssl.so.0.9.8 aafca000-aaffe000 r-xp 00000000 08:03 3213919 /usr/lib/libcups.so.2 aaffe000-aafff000 r--p 00034000 08:03 3213919 /usr/lib/libcups.so.2 aafff000-ab000000 rw-p 00035000 08:03 3213919 /usr/lib/libcups.so.2 ab000000-ab021000 rw-p ab000000 00:00 0 ab021000-ab100000 ---p ab021000 00:00 0 ab107000-ab117000 rw-p ab107000 00:00 0 ab117000-ab126000 r--s 00000000 08:03 384597 /usr/share/fonts/ttf-bitstream-vera/VeraBd.ttf ab126000-ab127000 ---p ab126000 00:00 0 ab127000-ab927000 rw-p ab127000 00:00 0 ab927000-ab928000 ---p ab927000 00:00 0 ab928000-ac128000 rw-p ab928000 00:00 0 ac128000-ac13c000 r-xp 00000000 08:03 4117585 /usr/lib/openoffice/basis3.0/program/vbaeventsli.uno.so ac13c000-ac13d000 r--p 00013000 08:03 4117585 /usr/lib/openoffice/basis3.0/program/vbaeventsli.uno.so ac13d000-ac13e000 rw-p 00014000 08:03 4117585 /usr/lib/openoffice/basis3.0/program/vbaeventsli.uno.so ac13e000-ac18f000 r--s 00000000 08:03 1704453 /usr/share/fonts/corefonts/times.ttf ac18f000-ac1df000 r-xp 00000000 08:03 4118259 /usr/lib/openoffice/basis3.0/program/libunoxmlli.so ac1df000-ac1e7000 r--p 0004f000 08:03 4118259 /usr/lib/openoffice/basis3.0/program/libunoxmlli.so ac1e7000-ac1e8000 rw-p 00057000 08:03 4118259 /usr/lib/openoffice/basis3.0/program/libunoxmlli.so ac1e8000-ac205000 r-xp 00000000 08:03 4118224 /usr/lib/openoffice/basis3.0/program/liblocaledata_en.so ac205000-ac206000 r--p 0001c000 08:03 4118224 /usr/lib/openoffice/basis3.0/program/liblocaledata_en.so ac206000-ac20b000 rw-p 0001d000 08:03 4118224 /usr/lib/openoffice/basis3.0/program/liblocaledata_en.so ac20b000-ac397000 r-xp 00000000 08:03 2511438 /usr/lib/libicui18n.so.40.1 ac397000-ac39c000 r--p 0018c000 08:03 2511438 /usr/lib/libicui18n.so.40.1 ac39c000-ac39e000 rw-p 00191000 08:03 2511438 /usr/lib/libicui18n.so.40.1 ac3ab000-ac3bb000 rw-p ac3ab000 00:00 0 ac3bb000-ac4f3000 r-xp 00000000 08:03 4118217 /usr/lib/openoffice/basis3.0/program/i18npool.uno.so ac4f3000-ac500000 r--p 00138000 08:03 4118217 /usr/lib/openoffice/basis3.0/program/i18npool.uno.so ac500000-ac503000 rw-p 00145000 08:03 4118217 /usr/lib/openoffice/basis3.0/program/i18npool.uno.so ac503000-ac515000 rw-p ac503000 00:00 0 ac515000-ac516000 ---p ac515000 00:00 0 ac516000-acd16000 rw-p ac516000 00:00 0 acd16000-ad9cb000 r-xp 00000000 08:03 4120734 /usr/lib/openoffice/basis3.0/program/libswli.so ad9cb000-ada06000 r--p 00cb4000 08:03 4120734 /usr/lib/openoffice/basis3.0/program/libswli.so ada06000-ada39000 rw-p 00cef000 08:03 4120734 /usr/lib/openoffice/basis3.0/program/libswli.so ada39000-ada3b000 rw-p ada39000 00:00 0 ada3b000-ada3c000 ---p ada3b000 00:00 0 ada3c000-ae23c000 rw-p ada3c000 00:00 0 ae23c000-ae26e000 r-xp 00000000 08:03 412073
Created attachment 62692 [details] The file said in the email
On Solaris x86 the document hangs whilst loading. I've checked this in OOO310_m11. Reassigning issue to hbr. Please have a look
Tested with OOo 3.1.0 FR/US on Ubuntu 8.04 : freeze with 100% CPU. Need to kill soffice process.
2.4.1 opens just fine, 3.0.0 loops.
reassign target and set target
reassign
@wsouzant: The attached RTF file looks quite strange. There are lots of RTF commands written like "\ command". The structure of "{"s and and "}"s seems to be incoherent as well. Do you know which tool generated the RTF? Saving with Word 2007 to RTF and loading the result with DEV300_m53 does not get rid of the loop.
Analysis: Some of the tools I used seem to have mixed up my rtf file and caused the strange rtf I mentioned earlier. A reduced rtf file, containing only the first table, loops, too.
OpenOffice.org 3.2 RC2 hang when I try open file 10266-2-2.rtf. When same file is first saved with WordPad, it can be opened with Openoffice.org with text layout somewhat distorted. With best regard Risto
started
Analysis in DEV300_m86: Loops in SwNodes::_MoveNodes at nodes.cxx called from SwDoc::MoveNodeRange at docedt.cxx:1203
According to our new regression issue handling for the 3.4 relrease the field priority is now used as the order we want to work on them, no longer as a "severity". The high number of regressions in the WW8 filters makes it necessary to prioritize them as we won't be able to fix all of them for 3.4. We decided to first focus on the export. Thus most regressions in the import filter now get priority "P4", what means that they will be reevaluated in the next release cycle.
No crash with the file attached in Comment 1 on 4.0.1 and 4.1.0-dev.
Reset the assignee to the default "issues@openoffice.apache.org".