[Libreoffice-bugs] [Bug 128917] New: LO segfaults in libpdfiumlo.so on CIFS mount, under certain conditions

bugzilla-daemon at bugs.documentfoundation.org bugzilla-daemon at bugs.documentfoundation.org
Wed Nov 20 13:06:22 UTC 2019


https://bugs.documentfoundation.org/show_bug.cgi?id=128917

            Bug ID: 128917
           Summary: LO segfaults in libpdfiumlo.so on CIFS mount, under
                    certain conditions
           Product: LibreOffice
           Version: unspecified
          Hardware: All
                OS: Linux (All)
            Status: UNCONFIRMED
          Severity: normal
          Priority: medium
         Component: LibreOffice
          Assignee: libreoffice-bugs at lists.freedesktop.org
          Reporter: ungift-ed at ya.ru

I found my LO hangs when open "wrong" file from CIFS

under very specific conditions:

1.0. CIFS mount point on Synology NAS (Samba 4.4.16). Can't reproduce on Samba
from desktop Linux. Can't reproduce from Windows share.

2.0. SAL_ENABLE_FILE_LOCKING should be set. Even to empty
SAL_ENABLE_FILE_LOCKING= Same issue for 0 and 1.

3.1. echo "test" > test.odt
3.2. test.txt work fine, but test.{odp|odt|doc|docx|etc.} fails

I'm use Gentoo ebuild.
With debuginfo I have this backtrace for app-office/libreoffice-6.3.3.2:

$ cd /mnt/mountpoint
$ echo "test" > test.odp

$ $ SAL_ENABLE_FILE_LOCKING= gdb /usr/lib64/libreoffice/program/soffice.bin
GNU gdb (Gentoo 8.3.1 vanilla) 8.3.1
This GDB was configured as "x86_64-pc-linux-gnu".

(gdb) run --writer test.odp 
Starting program: /usr/lib64/libreoffice/program/soffice.bin --writer test.odp
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[Detaching after fork from child process 187502]
[New Thread 0x7fffedc0f700 (LWP 187503)]
[New Thread 0x7fffed40e700 (LWP 187504)]
[New Thread 0x7fffecb36700 (LWP 187505)]
[New Thread 0x7fffdffff700 (LWP 187506)]
[New Thread 0x7fffdf725700 (LWP 187507)]
[New Thread 0x7fffdef24700 (LWP 187508)]
[Thread 0x7fffdef24700 (LWP 187508) exited]
[Thread 0x7fffedc0f700 (LWP 187503) exited]

Thread 1 "soffice.bin" received signal SIGBUS, Bus error.
0x00007fffcddf0e86 in void
boost::spirit::skipper_iteration_policy<boost::spirit::iteration_policy>::skip<boost::spirit::scanner<boost::spirit::file_iterator<char,
boost::spirit::fileiter_impl::mmap_file_iterator<char> >,
boost::spirit::scanner_policies<boost::spirit::skipper_iteration_policy<boost::spirit::iteration_policy>,
boost::spirit::match_policy, boost::spirit::action_policy> >
>(boost::spirit::scanner<boost::spirit::file_iterator<char,
boost::spirit::fileiter_impl::mmap_file_iterator<char> >,
boost::spirit::scanner_policies<boost::spirit::skipper_iteration_policy<boost::spirit::iteration_policy>,
boost::spirit::match_policy, boost::spirit::action_policy> > const&) const
[clone .isra.0] () from
/usr/lib64/libreoffice/program/../program/libpdfimportlo.so

(gdb) bt full
#0  0x00007fffcddf0e86 in void
boost::spirit::skipper_iteration_policy<boost::spirit::iteration_policy>::skip<boost::spirit::scanner<boost::spirit::file_iterator<char,
boost::spirit::fileiter_impl::mmap_file_iterator<char> >,
boost::spirit::scanner_policies<boost::spirit::skipper_iteration_policy<boost::spirit::iteration_policy>,
boost::spirit::match_policy, boost::spirit::action_policy> >
>(boost::spirit::scanner<boost::spirit::file_iterator<char,
boost::spirit::fileiter_impl::mmap_file_iterator<char> >,
boost::spirit::scanner_policies<boost::spirit::skipper_iteration_policy<boost::spirit::iteration_policy>,
boost::spirit::match_policy, boost::spirit::action_policy> > const&) const
[clone .isra.0] () from
/usr/lib64/libreoffice/program/../program/libpdfimportlo.so
No symbol table info available.
#1  0x00007fffcddf1391 in pdfparse::PDFReader::read(char const*) () from
/usr/lib64/libreoffice/program/../program/libpdfimportlo.so
No symbol table info available.
#2  0x00007fffcdde0990 in pdfi::getAdditionalStream(rtl::OUString const&,
rtl::OUString&, rtl::OUString&,
com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext> const&,
com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&,
bool) ()
   from /usr/lib64/libreoffice/program/../program/libpdfimportlo.so
No symbol table info available.
#3  0x00007fffcdde1512 in
pdfi::PDFDetector::detect(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue>&)
() from /usr/lib64/libreoffice/program/../program/libpdfimportlo.so
No symbol table info available.
#4  0x00007ffff57fa57d in
filter::config::TypeDetection::impl_askDetectService(rtl::OUString const&,
utl::MediaDescriptor&) () from /usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#5  0x00007ffff57fa92e in
filter::config::TypeDetection::impl_detectTypeFlatAndDeep(utl::MediaDescriptor&,
std::vector<filter::config::FlatDetectionInfo,
std::allocator<filter::config::FlatDetectionInfo> > const&, bool,
std::vector<rtl::OUString, std::allocator<rtl::OUString> >&, rtl::OUString&) ()
from /usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#6  0x00007ffff57fcd80 in
filter::config::TypeDetection::queryTypeByDescriptor(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue>&,
unsigned char) () from /usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#7  0x00007ffff58c8388 in framework::LoadEnv::impl_detectTypeAndFilter() ()
from /usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#8  0x00007ffff58cb4d8 in framework::LoadEnv::startLoading() () from
/usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#9  0x00007ffff586f0d0 in
framework::LoadDispatcher::impl_dispatch(com::sun::star::util::URL const&,
com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&,
com::sun::star::uno::Reference<com::sun::star::frame::XDispatchResultListener>
const&) ()
   from /usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#10 0x00007ffff586f5e9 in
framework::LoadDispatcher::dispatchWithReturnValue(com::sun::star::util::URL
const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue>
const&) () from /usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#11 0x00007ffff54466cd in
comphelper::SynchronousDispatch::dispatch(com::sun::star::uno::Reference<com::sun::star::uno::XInterface>
const&, rtl::OUString const&, rtl::OUString const&,
com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) ()
   from /usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#12 0x00007ffff5e8c310 in
desktop::DispatchWatcher::executeDispatchRequests(std::vector<desktop::DispatchWatcher::DispatchRequest,
std::allocator<desktop::DispatchWatcher::DispatchRequest> > const&, bool) ()
from /usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#13 0x00007ffff5e94989 in
desktop::RequestHandler::ExecuteCmdLineRequests(desktop::ProcessDocumentsRequest&,
bool) () from /usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#14 0x00007ffff5e7db4e in desktop::Desktop::OpenClients() () from
/usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#15 0x00007ffff5e7f552 in desktop::Desktop::OpenClients_Impl(void*) () from
/usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#16 0x00007ffff6a6e203 in ImplWindowFrameProc(vcl::Window*, SalEvent, void
const*) () from /usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#17 0x00007ffff6ca3fbf in SalUserEventList::DispatchUserEvents(bool) () from
/usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#18 0x00007fffee8bd097 in call_userEventFn () from
/usr/lib64/libreoffice/program/libvclplug_gtk3lo.so
No symbol table info available.
#19 0x00007ffff366929e in g_main_context_dispatch () from
/usr/lib64/libglib-2.0.so.0
No symbol table info available.
#20 0x00007ffff3669648 in ?? () from /usr/lib64/libglib-2.0.so.0
No symbol table info available.
#21 0x00007ffff36696d7 in g_main_context_iteration () from
/usr/lib64/libglib-2.0.so.0
No symbol table info available.
#22 0x00007fffee8be69c in GtkSalData::Yield(bool, bool) () from
/usr/lib64/libreoffice/program/libvclplug_gtk3lo.so
No symbol table info available.
#23 0x00007ffff6cd66cd in ImplYield(bool, bool) () from
/usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#24 0x00007ffff6cd83dd in Application::Execute() () from
/usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#25 0x00007ffff5e80ad9 in desktop::Desktop::Main() () from
/usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#26 0x00007ffff6cdec41 in ImplSVMain() () from
/usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#27 0x00007ffff5e9a3a3 in soffice_main () from
/usr/lib64/libreoffice/program/libmergedlo.so
No symbol table info available.
#28 0x000055555555508c in main ()
No symbol table info available.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/libreoffice-bugs/attachments/20191120/cf45bacc/attachment-0001.html>


More information about the Libreoffice-bugs mailing list