Bug 1033353

Summary: [abrt] libreoffice-core-4.1.3.2-4.fc20: String::Assign: Process /usr/lib64/libreoffice/program/soffice.bin was killed by signal 11 (SIGSEGV)
Product: [Fedora] Fedora Reporter: Matteo Settenvini <matteo>
Component: libreofficeAssignee: Caolan McNamara <caolanm>
Status: CLOSED WORKSFORME QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 20CC: caolanm, dtardon, erack, ltinkl, matteo, mstahl, sbergman
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
URL: https://retrace.fedoraproject.org/faf/reports/bthash/f041c8711043495312afffb73916d86d8d5aef9a
Whiteboard: abrt_hash:2542fc0454bd433ef7ffb54e0745297cfff31452
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-01-26 11:31:45 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
File: backtrace
none
File: cgroup
none
File: core_backtrace
none
File: dso_list
none
File: environ
none
File: exploitable
none
File: limits
none
File: maps
none
File: open_fds
none
File: proc_pid_status
none
File: var_log_messages none

Description Matteo Settenvini 2013-11-21 22:53:04 UTC 
Description of problem:
Steps to reproduce (very often, though not always):
1. Open a document in Writer
2. Select some text
3. Create a new style for *text* (as opposed to *paragraph* styles)
4. Change something, click "Ok"
5. Try to remove the just-created style. Nothing happens.
6. With the same text selected, double click on the default style.
7. Try again to remove the custom style.
8. A window appears, telling you the *default* style is in use. Try to click okay anyway.
9. Crash.

Version-Release number of selected component:
libreoffice-core-4.1.3.2-4.fc20

Additional info:
reporter:       libreport-2.1.9
backtrace_rating: 4
cmdline:        /usr/lib64/libreoffice/program/soffice.bin --writer --splash-pipe=5
crash_function: String::Assign
executable:     /usr/lib64/libreoffice/program/soffice.bin
kernel:         3.11.8-300.fc20.x86_64
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 String::Assign at /usr/src/debug/libreoffice-4.1.3.2/tools/source/string/strimp.cxx:180
 #1 operator= at /usr/src/debug/libreoffice-4.1.3.2/include/tools/string.hxx:183
 #2 SwUndoFmtDelete::SwUndoFmtDelete at /usr/src/debug/libreoffice-4.1.3.2/sw/source/core/undo/SwUndoFmt.cxx:107
 #3 SwUndoCharFmtDelete::SwUndoCharFmtDelete at /usr/src/debug/libreoffice-4.1.3.2/sw/source/core/undo/SwUndoFmt.cxx:273
 #4 SwDoc::DelCharFmt at /usr/src/debug/libreoffice-4.1.3.2/sw/source/core/doc/docfmt.cxx:1370
 #6 SwDocStyleSheetPool::Remove at /usr/src/debug/libreoffice-4.1.3.2/sw/source/ui/app/docstyle.cxx:2207
 #7 SwDocShell::Delete at /usr/src/debug/libreoffice-4.1.3.2/sw/source/ui/app/docst.cxx:855
 #8 SwDocShell::ExecStyleSheet at /usr/src/debug/libreoffice-4.1.3.2/sw/source/ui/app/docst.cxx:451
 #9 SfxShell::CallExec at /usr/src/debug/libreoffice-4.1.3.2/include/sfx2/shell.hxx:185
 #10 SfxDispatcher::Call_Impl at /usr/src/debug/libreoffice-4.1.3.2/sfx2/source/control/dispatch.cxx:243
Comment 1 Matteo Settenvini 2013-11-21 22:53:19 UTC 
Created attachment 827477 [details]
File: backtrace
Comment 2 Matteo Settenvini 2013-11-21 22:53:23 UTC 
Created attachment 827478 [details]
File: cgroup
Comment 3 Matteo Settenvini 2013-11-21 22:53:31 UTC 
Created attachment 827479 [details]
File: core_backtrace
Comment 4 Matteo Settenvini 2013-11-21 22:53:35 UTC 
Created attachment 827480 [details]
File: dso_list
Comment 5 Matteo Settenvini 2013-11-21 22:53:41 UTC 
Created attachment 827481 [details]
File: environ
Comment 6 Matteo Settenvini 2013-11-21 22:53:45 UTC 
Created attachment 827482 [details]
File: exploitable
Comment 7 Matteo Settenvini 2013-11-21 22:53:49 UTC 
Created attachment 827483 [details]
File: limits
Comment 8 Matteo Settenvini 2013-11-21 22:53:57 UTC 
Created attachment 827484 [details]
File: maps
Comment 9 Matteo Settenvini 2013-11-21 22:54:02 UTC 
Created attachment 827485 [details]
File: open_fds
Comment 10 Matteo Settenvini 2013-11-21 22:54:06 UTC 
Created attachment 827486 [details]
File: proc_pid_status
Comment 11 Matteo Settenvini 2013-11-21 22:54:10 UTC 
Created attachment 827487 [details]
File: var_log_messages
Comment 12 Caolan McNamara 2013-11-22 14:35:32 UTC 
Is this reproducible in any way ? Looks like maybe deleting a style from the style navigator ?
Comment 13 David Tardon 2014-01-09 12:04:50 UTC 
(In reply to Caolan McNamara from comment #12)
> Is this reproducible in any way ? Looks like maybe deleting a style from the
> style navigator ?

There is already a description in comment 0... But I cannot reproduce the problem.

dtardon->matteo-ml: Does this happen for random documents or always with the same one? Step 5 from your description always works here.
Comment 14 Matteo Settenvini 2014-01-26 11:31:45 UTC 
Thanks David, and sorry for the long time responding to this bug.
I tried it with a newer version of LibreOffice I have installed right now (4.2.0.3-2.fc21), and I cannot reproduce this anymore. I take it was fixed upstream, somewhere in the last releases.

Closing as WORKSFORME.