Ubuntu
libreoffice package

soffice.bin crashed with SIGSEGV in shared_count()

Bug #1248263 reported by Toby Smithe on 2013-11-05

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	LibreOffice	Fix Released	Critical	tdf #71298
	libreoffice (Ubuntu)	Fix Released	Medium	Unassigned

Bug Description

I'm trying to open a docx file (attached), which consistently produces this crash instantly.

WORKAROUND: Use AbiWord.

apt-cache policy abiword
abiword:
  Installed: 3.0.0~svn20130523-1ubuntu2
  Candidate: 3.0.0~svn20130523-1ubuntu2
  Version table:
*** 3.0.0~svn20130523-1ubuntu2 0
        500 http://us.archive.ubuntu.com/ubuntu/ saucy/universe amd64 Packages
        100 /var/lib/dpkg/status

ProblemType: Crash
DistroRelease: Ubuntu 14.04
Package: libreoffice-core 1:4.1.2~rc3-0ubuntu2
Uname: Linux 3.11-6.dmz.1-liquorix-amd64 x86_64
ApportVersion: 2.12.6-0ubuntu1
Architecture: amd64
Date: Tue Nov 5 17:10:11 2013
EcryptfsInUse: Yes
ExecutablePath: /usr/lib/libreoffice/program/soffice.bin
ExecutableTimestamp: 1382386729
MarkForUpload: True
ProcCmdline: /usr/lib/libreoffice/program/soffice.bin --headless --accept=socket,port=8100;urp;
ProcCwd: /tmp
SegvAnalysis:
Segfault happened at: 0x7f33624954af <_ZN12writerfilter7dmapper12DomainMapper8lcl_sprmERNS_4SprmE+47>: mov -0x8(%rax),%rbx
PC (0x7f33624954af) ok
source "-0x8(%rax)" (0x000001f8) not located in a known VMA region (needed readable region)!
destination "%rbx" ok
Stack memory exhausted (SP below stack segment)
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: libreoffice
StacktraceTop:
writerfilter::dmapper::DomainMapper::lcl_sprm(writerfilter::Sprm&) () from /usr/lib/libreoffice/program/../program/libwriterfilterlo.so
?? () from /usr/lib/libreoffice/program/../program/libwriterfilterlo.so
?? () from /usr/lib/libreoffice/program/../program/libwriterfilterlo.so
writerfilter::dmapper::DomainMapper::lcl_props(boost::shared_ptr<writerfilter::Reference<writerfilter::Properties> >) () from /usr/lib/libreoffice/program/../program/libwriterfilterlo.so
writerfilter::LoggedStream::props(boost::shared_ptr<writerfilter::Reference<writerfilter::Properties> >) () from /usr/lib/libreoffice/program/../program/libwriterfilterlo.so
Title: soffice.bin crashed with SIGSEGV in writerfilter::dmapper::DomainMapper::lcl_sprm()
UpgradeStatus: Upgraded to trusty on 2013-05-04 (184 days ago)
UserGroups: adm cdrom dip libvirtd lpadmin plugdev sambashare sudo tty vboxusers video

See original description

Tags:

Revision history for this message

Toby Smithe (tsmithe) wrote on 2013-11-05:

crash document Edit (204.7 KiB, application/vnd.openxmlformats-officedocument.wordprocessingml.document)
Dependencies.txt Edit (7.0 KiB, text/plain; charset="utf-8")
Disassembly.txt Edit (1.8 KiB, text/plain; charset="utf-8")
ProcEnviron.txt Edit (149 bytes, text/plain; charset="utf-8")
ProcMaps.txt Edit (80.5 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (792 bytes, text/plain; charset="utf-8")
Registers.txt Edit (934 bytes, text/plain; charset="utf-8")
Stacktrace.txt Edit (5.1 KiB, text/plain; charset="utf-8")
ThreadStacktrace.txt Edit (16.7 KiB, text/plain; charset="utf-8")
XsessionErrors.txt Edit (25.7 KiB, text/plain; charset="utf-8")

Revision history for this message

Apport retracing service (apport) wrote on 2013-11-05:

StacktraceTop:
shared_count (r=..., this=<optimized out>) at /usr/include/boost/smart_ptr/detail/shared_count.hpp:377
shared_ptr (r=..., this=<synthetic pointer>) at /usr/include/boost/smart_ptr/shared_ptr.hpp:397
getTableManager (this=0x7f3368311f90) at /build/buildd/libreoffice-4.1.2~rc3/writerfilter/source/dmapper/DomainMapper_Impl.hxx:593
writerfilter::dmapper::DomainMapper::lcl_sprm (this=0x7f336830f370, rSprm=...) at /build/buildd/libreoffice-4.1.2~rc3/writerfilter/source/dmapper/DomainMapper.cxx:1469
writerfilter::ooxml::OOXMLPropertyImpl::resolve (this=0x7f33683b3360, rProperties=...) at /build/buildd/libreoffice-4.1.2~rc3/writerfilter/source/ooxml/OOXMLPropertySetImpl.cxx:170

Revision history for this message

Apport retracing service (apport) wrote on 2013-11-05: Stacktrace.txt

Stacktrace.txt Edit (28.6 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2013-11-05: StacktraceSource.txt

StacktraceSource.txt Edit (9.6 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2013-11-05: ThreadStacktrace.txt

ThreadStacktrace.txt Edit (45.5 KiB, text/plain)

Changed in libreoffice (Ubuntu):
importance:	Undecided → Medium
summary:	- soffice.bin crashed with SIGSEGV in - writerfilter::dmapper::DomainMapper::lcl_sprm() + soffice.bin crashed with SIGSEGV in shared_count()
tags:	removed: need-amd64-retrace

penalvch (penalvch) on 2013-11-06

description:

updated

Revision history for this message

penalvch (penalvch) wrote on 2013-11-06:

Toby Smithe, thank you for taking the time to report this bug and helping to make Ubuntu better. The issue you are reporting is an upstream one. It would be nice if somebody having it could send the bug to the developers of the software by following the instructions verbatim at http://wiki.documentfoundation.org/BugReport . If you have done so, please tell us the number of the upstream bug (or the link), so we can add a bugwatch that will inform us about the status. Thanks in advance.

Helpful bug reporting tips:
https://help.ubuntu.com/community/ReportingBugs

description:	updated
tags:	added: saucy
Changed in libreoffice (Ubuntu):
status:	New → Triaged

Toby Smithe (tsmithe) on 2013-11-06

information type:

Private → Public

Revision history for this message

In Document Foundation Bugzilla #71298, Libreoffice-w (libreoffice-w) wrote on 2013-11-06:

Trying to open a docx file immediately produces a crash. I'm forwarding the bug that I reported downstream in Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1248263

The file that causes the crash is at https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1248263/+attachment/3900796/+files/aq131310162720369.docx

A stacktrace is available at https://launchpadlibrarian.net/155895337/Stacktrace.txt
Operating System: Ubuntu
Version: 4.1.2.3 release

Revision history for this message

Toby Smithe (tsmithe) wrote on 2013-11-06:

I have forwarded the bug upstream -- https://www.libreoffice.org/bugzilla/show_bug.cgi?id=71298

Bug Watch Updater (bug-watch-updater) on 2013-11-07

Changed in df-libreoffice:
importance:	Unknown → Critical
status:	Unknown → Confirmed

Revision history for this message

In Document Foundation Bugzilla #71298, julien2412 (serval2412-6) wrote on 2013-11-09:

Created attachment 88938
console + bt

On pc Debian x86-64 with master sources updated today, I reproduced the crash.
I attached console logs + bt

Revision history for this message

In Document Foundation Bugzilla #71298, julien2412 (serval2412-6) wrote on 2013-11-09:

#10

Miklos: one for you?

Revision history for this message

In Document Foundation Bugzilla #71298, Caolanm (caolanm) wrote on 2014-10-08:

#11

Fixed on 4-3 and master branches now

Bug Watch Updater (bug-watch-updater) on 2014-10-09

Changed in df-libreoffice:
status:	Confirmed → Fix Released

Marcus Tomlinson (marcustomlinson) on 2019-05-14

Changed in libreoffice (Ubuntu):
status:	Triaged → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

Bug #1248439

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

tdf #71298
[RESOLVED FIXED] Edit

Bug watches keep track of this bug in other bug trackers.

Ubuntulibreoffice package

soffice.bin crashed with SIGSEGV in shared_count()

Bug Description

Duplicates of this bug

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
libreoffice package