Bug 820376

Summary: [abrt] libreoffice-core-3.4.5.2-8.fc16: ServerFont::GetGlyphData, graphite2::Slot::finalise killed by signal 11 (SIGSEGV)
Product: [Fedora] Fedora Reporter: Milan Bouchet-Valat <nalimilan>
Component: libreofficeAssignee: Caolan McNamara <caolanm>
Status: CLOSED WORKSFORME QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 16CC: caolanm, dtardon, erack, ltinkl, mstahl, sbergman
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard: abrt_hash:6fd36645ea138034f0c333d73dadc9f1778a8774
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-05-28 09:28:09 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Attachments:
Description Flags
File: dso_list
none
File: maps
none
File: backtrace none

Description Milan Bouchet-Valat 2012-05-09 15:15:11 EDT
libreport version: 2.0.8
abrt_version:   2.0.7
backtrace_rating: 4
cmdline:        /usr/lib64/libreoffice/program/soffice.bin --impress file:///home/milan/EHESS/Homogamie/S%C3%A9minaire%20LSQ.pptx --splash-pipe=7
comment:        Crashed while I searched in an ODP file.
crash_function: ServerFont::GetGlyphData
executable:     /usr/lib64/libreoffice/program/soffice.bin
kernel:         3.3.0-4.fc16.x86_64
pid:            13477
pwd:            /home/milan
reason:         Process /usr/lib64/libreoffice/program/soffice.bin was killed by signal 11 (SIGSEGV)
time:           mer. 09 mai 2012 18:05:08 CEST
uid:            1000
username:       milan

backtrace:      Text file, 66700 bytes
dso_list:       Text file, 31187 bytes
maps:           Text file, 121314 bytes

environ:
:XDG_VTNR=7
:INSIDE_NAUTILUS_PYTHON=
:XDG_SESSION_ID=4
:HOSTNAME=milan
:IMSETTINGS_INTEGRATE_DESKTOP=yes
:GIO_LAUNCHED_DESKTOP_FILE_PID=13465
:GPG_AGENT_INFO=/tmp/keyring-IEWnhl/gpg:0:1
:SHELL=/bin/bash
:TERM=dumb
:DESKTOP_STARTUP_ID=nautilus-4614-milan-libreoffice-86_TIME634413674
:HISTSIZE=1000
:XDG_SESSION_COOKIE=9e1782da896cc13ddd95ca060000000c-1334069432.227290-12299752
:GJS_DEBUG_OUTPUT=stderr
:OLDPWD=/usr/lib64/libreoffice/program
:GNOME_KEYRING_CONTROL=/tmp/keyring-IEWnhl
:'GJS_DEBUG_TOPICS=JS ERROR;JS LOG'
:IMSETTINGS_MODULE=none
:USER=milan
:SSH_AUTH_SOCK=/tmp/keyring-IEWnhl/ssh
:USERNAME=milan
:SESSION_MANAGER=local/unix:@/tmp/.ICE-unix/2429,unix/unix:/tmp/.ICE-unix/2429
:GIO_LAUNCHED_DESKTOP_FILE=/usr/share/applications/libreoffice-impress.desktop
:MAIL=/var/spool/mail/milan
:PATH=/usr/lib64/ccache:/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin
:DESKTOP_SESSION=gnome
:QT_IM_MODULE=xim
:PWD=/home/milan
:XMODIFIERS=@im=none
:KDE_IS_PRELINKED=1
:GNOME_KEYRING_PID=2424
:LANG=fr_FR.utf8
:GDM_LANG=fr_FR.utf8
:KDEDIRS=/usr/local:/usr
:GDMSESSION=gnome
:HISTCONTROL=ignoredups
:HOME=/home/milan
:XDG_SEAT=seat0
:SHLVL=1
:GNOME_DESKTOP_SESSION_ID=this-is-deprecated
:SAL_ENABLE_FILE_LOCKING=1
:LOGNAME=milan
:CVS_RSH=ssh
:DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-RWSbl9NSvy,guid=fc6835a085ade148f43b2059000001dd
:'LESSOPEN=||/usr/bin/lesspipe.sh %s'
:WINDOWPATH=7
:XDG_RUNTIME_DIR=/run/user/milan
:DISPLAY=:0.0
:CCACHE_HASHDIR=
:XAUTHORITY=/var/run/gdm/auth-for-milan-iv9dZy/database
:LD_LIBRARY_PATH=/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre/lib/amd64/client:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre/lib/amd64/native_threads:/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre/lib/amd64

var_log_messages:
:May  9 18:05:08 milan kernel: [754171.973412] soffice.bin[13477]: segfault at a8 ip 00000036b27c6c50 sp 00007fff0529c660 error 4 in libvcllx.so[36b2400000+47e000]
:May  9 18:09:18 milan abrt[16929]: Saved core dump of pid 13477 (/usr/lib64/libreoffice/program/soffice.bin) to /var/spool/abrt/ccpp-2012-05-09-18:05:08-13477 (682958848 bytes)
Comment 1 Milan Bouchet-Valat 2012-05-09 15:15:19 EDT
Created attachment 583373 [details]
File: dso_list
Comment 2 Milan Bouchet-Valat 2012-05-09 15:15:22 EDT
Created attachment 583374 [details]
File: maps
Comment 3 Milan Bouchet-Valat 2012-05-09 15:15:27 EDT
Created attachment 583375 [details]
File: backtrace
Comment 4 Caolan McNamara 2012-05-09 15:52:27 EDT
hmm, seems a little familiar as a crash.

Are you able to provide the .odp that triggered the crash ?
Comment 5 Milan Bouchet-Valat 2012-05-09 16:49:39 EDT
Sure, I've sent you the file by private e-mail. Are you able to reproduce the crash?
Comment 7 Caolan McNamara 2012-05-28 09:28:09 EDT
Can't reproduce the original problem. I can see some uninitialized values getting used under valgrind, which I've now fixed with http://cgit.freedesktop.org/libreoffice/core/commit/?id=7c9ae6bd33a8da3d5dd1e8086ae9e4a53e7d102c but I don't think those are the root cause of this crash. More likely its some buginess in the graphite-font using code in vcl. Which are hopefully fixed by some of the various graphite fixing changes.