Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1375168 - Impress crashes when entering a comment in a certain way
Summary: Impress crashes when entering a comment in a certain way
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: libreoffice
Version: 24
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Caolan McNamara
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-09-12 11:13 UTC by Tor Lillqvist
Modified: 2016-09-15 22:52 UTC (History)
6 users (show)

Fixed In Version: libreoffice-5.1.5.2-5.fc24 libreoffice-5.1.5.2-6.fc24
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-09-15 22:52:44 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Tor Lillqvist 2016-09-12 11:13:43 UTC
Description of problem:

Impress crashes when you enter a comment and click in a certain way.

Version-Release number of selected component (if applicable):
5.1.5

How reproducible:

Easily

Steps to Reproduce:
1. libreoffice --impress
2. click the "Click to add Text"
3. type whatever sdfsdf
4. select Insert>Comment from the menu
5. type whatever sdfsdf into the yellow comment box
6. click the button with the down arrow in the lower-right corner of the yellow comment box
7. ignore the menu that pops up with three entries, and click somewhere else in the slide
8. the "LibreOffice Document Recovery" dialog appears, indicating that the soffice.bin process crashed

Actual results:


Expected results:


Additional info:

Comment 1 Stephan Bergmann 2016-09-12 11:30:15 UTC
Crash is

> Thread 1 "soffice.bin" received signal SIGSEGV, Segmentation fault.
> 0x00007faeb6b279e7 in vcl::Window::ImplGetWindowExtentsRelative(vcl::Window*, bool) const () from /usr/lib64/libreoffice/program/libvcllo.so
> (gdb) bt
> #0  0x00007faeb6b279e7 in vcl::Window::ImplGetWindowExtentsRelative(vcl::Window*, bool) const () at /usr/lib64/libreoffice/program/libvcllo.so
> #1  0x00007faeb6b27aff in vcl::Window::GetWindowExtentsRelative(vcl::Window*) const () at /usr/lib64/libreoffice/program/libvcllo.so
> #2  0x00007faeb6ad72a7 in MenuFloatingWindow::doShutdown() () at /usr/lib64/libreoffice/program/libvcllo.so
> #3  0x00007faeb6ad1aa3 in PopupMenu::ImplExecute(vcl::Window*, Rectangle const&, FloatWinPopupFlags, Menu*, bool) () at /usr/lib64/libreoffice/program/libvcllo.so
> #4  0x00007fae787c9a87 in sd::AnnotationManagerImpl::ExecuteAnnotationContextMenu(com::sun::star::uno::Reference<com::sun::star::office::XAnnotation>, vcl::Window*, Rectangle const&, bool) () at /usr/lib64/libreoffice/program/../program/libsdlo.so
> #5  0x00007fae787cd9e8 in sd::AnnotationWindow::MouseButtonDown(MouseEvent const&) () at /usr/lib64/libreoffice/program/../program/libsdlo.so
> #6  0x00007faeb6b36734 in ImplHandleMouseEvent(vcl::Window*, MouseNotifyEvent, bool, long, long, unsigned long, unsigned short, MouseEventModifiers) () at /usr/lib64/libreoffice/program/libvcllo.so
> #7  0x00007faeb6b38922 in ImplWindowFrameProc(vcl::Window*, SalFrame*, unsigned short, void const*) () at /usr/lib64/libreoffice/program/libvcllo.so
> #8  0x00007fae9a835f2e in GtkSalFrame::signalButton(_GtkWidget*, _GdkEventButton*, void*) () at /usr/lib64/libreoffice/program/libvclplug_gtk3lo.so
> #13 0x00007faeb069243f in <emit signal ??? on instance 0x5591b525ae20 [GtkEventBox]> (instance=instance@entry=0x5591b525ae20, signal_id=<optimized out>, detail=detail@entry=0) at gsignal.c:3441
>     #9  0x00007fae9a10c4ec in _gtk_marshal_BOOLEAN__BOXED (closure=0x5591b545fdf0, return_value=0x7fff91a28c80, n_param_values=<optimized out>, param_values=0x7fff91a28ce0, invocation_hint=<optimized out>, marshal_data=<optimized out>) at gtkmarshalers.c:86
>     #10 0x00007faeb06773e5 in g_closure_invoke (closure=0x5591b545fdf0, return_value=return_value@entry=0x7fff91a28c80, n_param_values=2, param_values=param_values@entry=0x7fff91a28ce0, invocation_hint=invocation_hint@entry=0x7fff91a28c60) at gclosure.c:804
>     #11 0x00007faeb0689432 in signal_emit_unlocked_R (node=node@entry=0x5591b5052830, detail=detail@entry=0, instance=instance@entry=0x5591b525ae20, emission_return=emission_return@entry=0x7fff91a28e00, instance_and_params=instance_and_params@entry=0x7fff91a28ce0) at gsignal.c:3629
>     #12 0x00007faeb0691b8f in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fff91a28eb0) at gsignal.c:3395
> #14 0x00007fae9a24e9fc in gtk_widget_event_internal (widget=0x5591b525ae20 [GtkEventBox], event=0x5591b5421ae0) at gtkwidget.c:7731
> #15 0x00007fae9a10975e in propagate_event (topmost=<optimized out>, event=<optimized out>, widget=0x5591b525ae20 [GtkEventBox]) at gtkmain.c:2545
> #16 0x00007fae9a10975e in propagate_event (widget=<optimized out>, event=0x5591b5421ae0, captured=<optimized out>, topmost=0x0) at gtkmain.c:2647
> #17 0x00007fae9a10b692 in gtk_main_do_event (event=0x5591b5421ae0) at gtkmain.c:1878
> #18 0x00007fae99c460c5 in _gdk_event_emit (event=event@entry=0x5591b5421ae0) at gdkevents.c:73
> #19 0x00007fae99c730b2 in gdk_event_source_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at gdkeventsource.c:367
> #20 0x00007faeb03a36ba in g_main_context_dispatch (context=0x5591b50458e0) at gmain.c:3154
> #21 0x00007faeb03a36ba in g_main_context_dispatch (context=context@entry=0x5591b50458e0) at gmain.c:3769
> #22 0x00007faeb03a3a70 in g_main_context_iterate (context=context@entry=0x5591b50458e0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3840
> #23 0x00007faeb03a3b1c in g_main_context_iteration (context=0x5591b50458e0, may_block=1) at gmain.c:3901
> #24 0x00007fae9a8088b3 in GtkData::Yield(bool, bool) () at /usr/lib64/libreoffice/program/libvclplug_gtk3lo.so
> #25 0x00007faeb6d3c811 in Application::Yield() () at /usr/lib64/libreoffice/program/libvcllo.so
> #26 0x00007faeb6d3ed95 in Application::Execute() () at /usr/lib64/libreoffice/program/libvcllo.so
> #27 0x00007faebcb99a65 in desktop::Desktop::Main() () at /usr/lib64/libreoffice/program/libsofficeapp.so
> #28 0x00007faeb6d42671 in ImplSVMain() () at /usr/lib64/libreoffice/program/libvcllo.so
> #29 0x00007faeb6d426c2 in SVMain() () at /usr/lib64/libreoffice/program/libvcllo.so
> #30 0x00007faebcbc1d42 in soffice_main () at /usr/lib64/libreoffice/program/libsofficeapp.so
> #31 0x00005591b21f07db in main ()

Comment 2 Caolan McNamara 2016-09-12 12:46:18 UTC
This appears to get fixed in master by..

26333736f103342344b9b0fa20a3a04d426fac4f
and
ed42a984099b8847aedbdd638c7e20e0b68a9290
which rework this menu interation

Comment 3 Tor Lillqvist 2016-09-12 12:52:46 UTC
Thanks, impressed by the response time. Maybe I should have filed this more incognito;)

Comment 4 Caolan McNamara 2016-09-12 13:22:45 UTC
Incognito would have saved the "why doesn't he fix it himself" time

Comment 5 Tor Lillqvist 2016-09-12 13:37:34 UTC
I would, but I could not reproduce in my own 5.1 build (on the same machine), go figure.

Comment 6 Fedora Update System 2016-09-14 07:58:30 UTC
libreoffice-5.1.5.2-6.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-752a909d3b

Comment 7 Fedora Update System 2016-09-14 20:56:20 UTC
libreoffice-5.1.5.2-6.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-752a909d3b

Comment 8 Fedora Update System 2016-09-15 22:52:37 UTC
libreoffice-5.1.5.2-6.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.