Bug 168537

Summary: Draw segfault when accessing options menu.
Product: [Fedora] Fedora
Component: openoffice.org
Reporter: Jonathan Underwood <jonathan.underwood>
Assignee: Caolan McNamara <caolanm>
Status: CLOSED ERRATA
Severity: high
Priority: medium
Version: 4
Hardware: All
OS: Linux
Fixed In Version: 2.0.0-3.2
Doc Type: Bug Fix
Last Closed: 2005-10-25 07:56:15 UTC

Description Jonathan Underwood 2005-09-16 22:12:06 UTC
Description of problem:
Openoffice draw seg faults when accessing menu items under
tools->options->openoffice.org draw

Version-Release number of selected component (if applicable):
openoffice.org-draw-1.9.125-1.1.0.fc4

How reproducible:
Every time

Steps to Reproduce:
1. Start OO.org draw
2. Go to tools->options->openofficeorg
3. Click through General, View, Grid, Print a handful of times.
  
Actual results:
Segfault

Expected results:
No seg fault

Additional info:
The tail of a strace:
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigaction(SIGINT, {0x80760d4, [], 0}, {SIG_DFL}, 8) = 0
waitpid(-1, [{WIFSIGNALED(s) && WTERMSIG(s) == SIGSEGV}], 0) = 5077
fstat64(2, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7db9000
open("/usr/share/locale/locale.alias", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=2528, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7db8000
read(3, "# Locale name alias data base.\n#"..., 4096) = 2528
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0xb7db8000, 4096)                = 0
open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT
(No such file or directory)
open("/usr/share/locale/en_US.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT
(No such file or directory)
open("/usr/share/locale/en_US/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No
such file or directory)
open("/usr/share/locale/en.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No
such file or directory)
open("/usr/share/locale/en.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No
such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such
file or directory)
write(2, "/usr/lib/openoffice.org2.0/progr"...,
111/usr/lib/openoffice.org2.0/program/soffice: line 164:  5077 Segmentation
fault      "$sd_prog/$sd_binary" "$@"
) = 111
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
--- SIGCHLD (Child exited) @ 0 (0) ---
waitpid(-1, 0xbfedac3c, WNOHANG)        = -1 ECHILD (No child processes)
sigreturn()                             = ? (mask now [])
rt_sigaction(SIGINT, {SIG_DFL}, {0x80760d4, [], 0}, 8) = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
read(255, "\nwhile [ $? -eq 79 ]\ndo\n\t\"$sd_pr"..., 4897) = 58
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
munmap(0xb7db9000, 4096)                = 0
exit_group(0)                           = ?

Comment 1 Caolan McNamara 2005-09-19 08:38:25 UTC
any chance you can

gdb /usr/lib/openoffice.org2.0/program/soffice.bin
(gdb) run -draw
and reproduce the crash and in gdb
(gdb) bt
and paste in the results ?

Comment 2 Jonathan Underwood 2005-09-19 09:03:56 UTC
Actually, I had tried that, and just tried again, but it doesn't actually
segfault when running inside gdb, which is odd. Without gdb I can reproduce this
bug on both my FC4 machines. With gdb, neither segfaults. Let me know if I can
provide any more info.

Comment 3 Caolan McNamara 2005-09-19 09:08:48 UTC
and there was no crash reporter dialog with the contents of the stack trace
either I assume

Comment 4 Jonathan Underwood 2005-09-19 09:14:11 UTC
That's correct - no crash reporter dialogue.

Comment 5 Jonathan Underwood 2005-09-19 09:20:19 UTC
Actually, even more confusing: I see this bug reproducibly if I start draw from
the menu entry in Gnome. But, if I start it via the command line with
/usr/lib/openoffice.org2.0/program/soffice.bin -draw, then I don't see the crash.

Comment 6 Caolan McNamara 2005-09-19 09:47:55 UTC
got a stacktrace, 

#0  0x04792c9c in SdOptionsSnap::ReadData ()
   from /usr/lib/openoffice.org2.0/program/libsd680li.so
#1  0x04793707 in SdOptionsGeneric::Init ()
   from /usr/lib/openoffice.org2.0/program/libsd680li.so
#2  0x04771e90 in sd::ViewShell::GetViewFrame ()
   from /usr/lib/openoffice.org2.0/program/libsd680li.so
#3  0x047943f4 in SdOptionsSnap::operator== ()
   from /usr/lib/openoffice.org2.0/program/libsd680li.so
#4  0x0479451b in SdOptionsSnapItem::operator== ()
   from /usr/lib/openoffice.org2.0/program/libsd680li.so
#5  0x00536094 in SfxItemSet::Put ()
   from /usr/lib/openoffice.org2.0/program/libsvl680li.so
#6  0x03f63ce6 in ?? () from /usr/lib/openoffice.org2.0/program/libsdui680li.so
#7  0x03afec90 in ?? ()
#8  0xbfae23e4 in ?? ()
#9  0x00006ea9 in ?? ()
#10 0xbfae23f0 in ?? ()
#11 0xbfae2414 in ?? ()
#12 0x03f8ba6c in CreateDialogFactory ()
   from /usr/lib/openoffice.org2.0/program/libsdui680li.so


I suspect it's this gcc bug http://gcc.gnu.org/bugzilla/show_bug.cgi?id=22132

Comment 7 Caolan McNamara 2005-09-19 10:00:15 UTC
I'll patch up a workaround for gcc#22132# and we'll see if that solves this in
the next update which is real soon now.