Bug 859148

Summary: [abrt] libreoffice-core-3.5.6.2-2.fc17: memcpy: Process /usr/lib64/libreoffice/program/soffice.bin was killed by signal 11 (SIGSEGV)
Product: [Fedora] Fedora Reporter: Ignace BIENVILLE <ignace.bienville>
Component: libreofficeAssignee: Caolan McNamara <caolanm>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 17CC: caolanm, dtardon, erack, ltinkl, masterf6, mstahl, sbergman
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard: abrt_hash:717263220bd59520589b26dc423be347a15ba957
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-09-21 07:02:56 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: core_backtrace
none
File: environ
none
File: limits
none
File: backtrace
none
File: cgroup
none
File: maps
none
File: dso_list
none
File: var_log_messages
none
File: open_fds none

Description Ignace BIENVILLE 2012-09-20 16:28:19 UTC 
Description of problem:
apres un end session, il devais etre ouvert avec un fichier

Version-Release number of selected component:
libreoffice-core-3.5.6.2-2.fc17

Additional info:
libreport version: 2.0.13
abrt_version:   2.0.12
backtrace_rating: 4
cmdline:        /usr/lib64/libreoffice/program/soffice.bin --writer file:///home/ignace/Dropbox/Projet%20Formation/Projet%203%20-%20C%23%20-%20Mailing%20SMS/Cahier%20des%20charges/Cahier%20des%20Charges.docx --splash-pipe=6
crash_function: memcpy
kernel:         3.5.3-1.fc17.x86_64

truncated backtrace:
:Thread no. 1 (3 frames)
: #0 memcpy at ../sysdeps/x86_64/memcpy.S
: #1 ICEConnectionWorker at /usr/src/debug/libreoffice-3.5.6.2/vcl/unx/generic/app/sm.cxx
: #2 osl_thread_start_Impl at thread.c
Comment 1 Ignace BIENVILLE 2012-09-20 16:28:24 UTC 
Created attachment 614973 [details]
File: core_backtrace
Comment 2 Ignace BIENVILLE 2012-09-20 16:28:27 UTC 
Created attachment 614974 [details]
File: environ
Comment 3 Ignace BIENVILLE 2012-09-20 16:28:31 UTC 
Created attachment 614975 [details]
File: limits
Comment 4 Ignace BIENVILLE 2012-09-20 16:28:34 UTC 
Created attachment 614976 [details]
File: backtrace
Comment 5 Ignace BIENVILLE 2012-09-20 16:28:36 UTC 
Created attachment 614977 [details]
File: cgroup
Comment 6 Ignace BIENVILLE 2012-09-20 16:28:41 UTC 
Created attachment 614978 [details]
File: maps
Comment 7 Ignace BIENVILLE 2012-09-20 16:28:43 UTC 
Created attachment 614979 [details]
File: dso_list
Comment 8 Ignace BIENVILLE 2012-09-20 16:28:46 UTC 
Created attachment 614980 [details]
File: var_log_messages
Comment 9 Ignace BIENVILLE 2012-09-20 16:28:48 UTC 
Created attachment 614981 [details]
File: open_fds
Comment 10 Michael Stahl 2012-09-20 17:49:26 UTC 
> Thread 1 (Thread 0x7f5bcc99f700 (LWP 3661)):
> #0  __memcpy_sse2 () at ../sysdeps/x86_64/memcpy.S:125
> No locals.
> #1  0x00007f5bcf7a76b3 in ICEConnectionWorker () at /usr/src/debug/libreoffice-3.5.6.2/vcl/unx/generic/app/sm.cxx:662
>        nConnectionsBefore = 1
>        bWakeup = <optimized out>
>        nBytes = 16
>        pLocalFD = 0x0
>        nRet = <optimized out>

ICEConnectionWorker:
>>            pLocalFD = (struct pollfd*)rtl_allocateMemory( nBytes );
>>            memcpy( pLocalFD, pThis->m_pFilehandles, nBytes );


so rtl_allocateMemory returned 0 because rtl allocator is being shut down concurrently in thread 2:

> Thread 2 (Thread 0x7f5bbbc8a700 (LWP 3662)):
> #7  0x0000003825a3b0bd in rtl_memory_fini () at /usr/src/debug/libreoffice-3.5.6.2/sal/rtl/source/alloc_global.cxx:254
No locals.
> #8  0x0000003820e38f5a in __cxa_finalize (d=0x3825c5a2a0) at cxa_finalize.c:56


hmm... why does thread 2 run global destructors of sal library when other threads are still running?
Comment 11 Stephan Bergmann 2012-09-21 07:02:56 UTC 

*** This bug has been marked as a duplicate of bug 831628 ***
Comment 12 Caolan McNamara 2013-08-03 11:17:26 UTC 
*** Bug 991554 has been marked as a duplicate of this bug. ***