[Libreoffice-bugs] [Bug 47727] New: FILEOPEN Valgrind error during Word file loading

Thu, 22 Mar 2012 09:10:22 -0700 

https://bugs.freedesktop.org/show_bug.cgi?id=47727

             Bug #: 47727
           Summary: FILEOPEN Valgrind error during Word file loading
    Classification: Unclassified
           Product: LibreOffice
           Version: LibO Master
          Platform: x86-64 (AMD64)
        OS/Version: Linux (All)
            Status: UNCONFIRMED
          Severity: minor
          Priority: medium
         Component: Writer
        AssignedTo: libreoffice-bugs@lists.freedesktop.org
        ReportedBy: arnaud.vers...@gmail.com


There is a memory error on the Word filter in LibreOffice 

Procedure to reproduce :

- Run LibreOffice with valgrind --tool=memcheck
- Open the RTF specification from
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=10725 in
doc format
- There is a message like this on the console reported by valgrind :

==24771==    at 0x24ACD4AC: SVBT16ToShort(unsigned char const*) (solar.h:88)
==24771==    by 0x24B77419: SwWW8ImplReader::Read_UL(unsigned short, unsigned
char const*, short) (ww8par6.cxx:4180)
==24771==    by 0x24B79DBD: SwWW8ImplReader::ImportSprm(unsigned char const*,
unsigned short) (ww8par6.cxx:6140)
==24771==    by 0x24B2A807: WW8RStyle::ImportSprms(unsigned char*, short, bool)
(ww8par2.cxx:3640)
==24771==    by 0x24B2A8B6: WW8RStyle::ImportSprms(unsigned long, short, bool)
(ww8par2.cxx:3657)
==24771==    by 0x24B2AA8A: WW8RStyle::ImportUPX(short, bool, bool)
(ww8par2.cxx:3714)
==24771==    by 0x24B2AB7C: WW8RStyle::ImportGrupx(short, bool, bool)
(ww8par2.cxx:3736)
==24771==    by 0x24B2B89A: WW8RStyle::Import1Style(unsigned short)
(ww8par2.cxx:3944)
==24771==    by 0x24B2D54F: WW8RStyle::ImportNewFormatStyles()
(ww8par2.cxx:4455)
==24771==    by 0x24B2D5B0: WW8RStyle::ImportStyles() (ww8par2.cxx:4463)
==24771==    by 0x24B2D64C: WW8RStyle::Import() (ww8par2.cxx:4475)
==24771==    by 0x24AFC18E: SwWW8ImplReader::CoreLoad(WW8Glossary*, SwPosition
const&) (ww8par.cxx:4474)
==24771==    by 0x24AFF623: SwWW8ImplReader::LoadThroughDecryption(SwPaM&,
WW8Glossary*) (ww8par.cxx:5144)
==24771==    by 0x24B00960: SwWW8ImplReader::LoadDoc(SwPaM&, WW8Glossary*)
(ww8par.cxx:5452)
==24771==    by 0x24B00D89: WW8Reader::Read(SwDoc&, String const&, SwPaM&,
String const&) (ww8par.cxx:5541)
==24771==    by 0x21D8245A: SwReader::Read(Reader const&) (shellio.cxx:183)
==24771==    by 0x21EC275F: SwDocShell::ConvertFrom(SfxMedium&) (docsh.cxx:256)
==24771==    by 0x67507AB: SfxObjectShell::DoLoad(SfxMedium*) (objstor.cxx:746)
==24771==    by 0x679BF19:
SfxBaseModel::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue>
const&) (sfxbasemodel.cxx:1904)
==24771==    by 0x67E840C:
SfxFrameLoader_Impl::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue>
const&, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&)
(frmload.cxx:611)
==24771==    by 0x1AAADA2B: framework::LoadEnv::impl_loadContent()
(loadenv.cxx:1158)
==24771==    by 0x1AAAA49E: framework::LoadEnv::startLoading()
(loadenv.cxx:420)
==24771==    by 0x1AA304EA:
framework::LoadDispatcher::impl_dispatch(com::sun::star::util::URL const&,
com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&,
com::sun::star::uno::Reference<com::sun::star::frame::XDispatchResultListener>
const&) (loaddispatcher.cxx:168)
==24771==    by 0x1AA30179:
framework::LoadDispatcher::dispatch(com::sun::star::util::URL const&,
com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&)
(loaddispatcher.cxx:95)
==24771==    by 0x1AADE9A8: implDispatchDelayed(void*, void*)
(backingwindow.cxx:956)
==24771==    by 0x8363C11: Link::Call(void*) const (link.hxx:143)
==24771==    by 0x8819BFC: ImplHandleUserEvent(ImplSVEvent*) (winproc.cxx:1991)
==24771==    by 0x881AEB1: ImplWindowFrameProc(Window*, SalFrame*, unsigned
short, void const*) (winproc.cxx:2563)
==24771==    by 0x882C8BC: SalFrame::CallCallback(unsigned short, void const*)
const (in /media/Medias/core/solver/unxlngx6/lib/libvcllo.so)
==24771==    by 0x882C32F: SalGenericDisplay::DispatchInternalEvent()
(gendisp.cxx:102)
==24771==    by 0x10053C2C: GtkData::userEventFn(void*) (gtkdata.cxx:942)
==24771==    by 0x10053C83: call_userEventFn (gtkdata.cxx:952)
==24771==    by 0x12FA9A5C: g_main_context_dispatch (gmain.c:2441)
==24771==    by 0x12FAA257: g_main_context_iterate.isra.21 (gmain.c:3089)
==24771==    by 0x12FAA428: g_main_context_iteration (gmain.c:3152)
==24771==    by 0x10052BE3: GtkData::Yield(bool, bool) (gtkdata.cxx:581)
==24771==    by 0x10056797: GtkInstance::Yield(bool, bool) (gtkinst.cxx:606)
==24771==    by 0x837B69E: ImplYield(bool, bool) (svapp.cxx:451)
==24771==    by 0x8377AD8: Application::Yield(bool) (svapp.cxx:485)
==24771==    by 0x8377A79: Application::Execute() (svapp.cxx:430)
==24771==    by 0x411C263: desktop::Desktop::Main() (app.cxx:1808)
==24771==    by 0x8383E11: ImplSVMain() (svmain.cxx:178)
==24771==    by 0x8383F57: SVMain() (svmain.cxx:215)
==24771==    by 0x4156C81: soffice_main (sofficemain.cxx:79)
==24771==    by 0x400743: sal_main (main.c:34)
==24771==    by 0x400728: main (main.c:33)
==24771==  Address 0x1c851e17 is 0 bytes after a block of size 7 alloc'd
==24771==    at 0x4C2864B: operator new[](unsigned long)
(vg_replace_malloc.c:305)
==24771==    by 0x24B2A87A: WW8RStyle::ImportSprms(unsigned long, short, bool)
(ww8par2.cxx:3655)
==24771==    by 0x24B2AA8A: WW8RStyle::ImportUPX(short, bool, bool)
(ww8par2.cxx:3714)
==24771==    by 0x24B2AB7C: WW8RStyle::ImportGrupx(short, bool, bool)
(ww8par2.cxx:3736)
==24771==    by 0x24B2B89A: WW8RStyle::Import1Style(unsigned short)
(ww8par2.cxx:3944)
==24771==    by 0x24B2D54F: WW8RStyle::ImportNewFormatStyles()
(ww8par2.cxx:4455)
==24771==    by 0x24B2D5B0: WW8RStyle::ImportStyles() (ww8par2.cxx:4463)
==24771==    by 0x24B2D64C: WW8RStyle::Import() (ww8par2.cxx:4475)
==24771==    by 0x24AFC18E: SwWW8ImplReader::CoreLoad(WW8Glossary*, SwPosition
const&) (ww8par.cxx:4474)
==24771==    by 0x24AFF623: SwWW8ImplReader::LoadThroughDecryption(SwPaM&,
WW8Glossary*) (ww8par.cxx:5144)
==24771==    by 0x24B00960: SwWW8ImplReader::LoadDoc(SwPaM&, WW8Glossary*)
(ww8par.cxx:5452)
==24771==    by 0x24B00D89: WW8Reader::Read(SwDoc&, String const&, SwPaM&,
String const&) (ww8par.cxx:5541)
==24771==    by 0x21D8245A: SwReader::Read(Reader const&) (shellio.cxx:183)
==24771==    by 0x21EC275F: SwDocShell::ConvertFrom(SfxMedium&) (docsh.cxx:256)
==24771==    by 0x67507AB: SfxObjectShell::DoLoad(SfxMedium*) (objstor.cxx:746)
==24771==    by 0x679BF19:
SfxBaseModel::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue>
const&) (sfxbasemodel.cxx:1904)
==24771==    by 0x67E840C:
SfxFrameLoader_Impl::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue>
const&, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&)
(frmload.cxx:611)
==24771==    by 0x1AAADA2B: framework::LoadEnv::impl_loadContent()
(loadenv.cxx:1158)
==24771==    by 0x1AAAA49E: framework::LoadEnv::startLoading()
(loadenv.cxx:420)
==24771==    by 0x1AA304EA:
framework::LoadDispatcher::impl_dispatch(com::sun::star::util::URL const&,
com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&,
com::sun::star::uno::Reference<com::sun::star::frame::XDispatchResultListener>
const&) (loaddispatcher.cxx:168)
==24771==    by 0x1AA30179:
framework::LoadDispatcher::dispatch(com::sun::star::util::URL const&,
com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&)
(loaddispatcher.cxx:95)
==24771==    by 0x1AADE9A8: implDispatchDelayed(void*, void*)
(backingwindow.cxx:956)
==24771==    by 0x8363C11: Link::Call(void*) const (link.hxx:143)
==24771==    by 0x8819BFC: ImplHandleUserEvent(ImplSVEvent*) (winproc.cxx:1991)
==24771==    by 0x881AEB1: ImplWindowFrameProc(Window*, SalFrame*, unsigned
short, void const*) (winproc.cxx:2563)
==24771==    by 0x882C8BC: SalFrame::CallCallback(unsigned short, void const*)
const (in /media/Medias/core/solver/unxlngx6/lib/libvcllo.so)
==24771==    by 0x882C32F: SalGenericDisplay::DispatchInternalEvent()
(gendisp.cxx:102)
==24771==    by 0x10053C2C: GtkData::userEventFn(void*) (gtkdata.cxx:942)
==24771==    by 0x10053C83: call_userEventFn (gtkdata.cxx:952)
==24771==    by 0x12FA9A5C: g_main_context_dispatch (gmain.c:2441)
==24771==    by 0x12FAA257: g_main_context_iterate.isra.21 (gmain.c:3089)
==24771==    by 0x12FAA428: g_main_context_iteration (gmain.c:3152)
==24771==    by 0x10052BE3: GtkData::Yield(bool, bool) (gtkdata.cxx:581)
==24771==    by 0x10056797: GtkInstance::Yield(bool, bool) (gtkinst.cxx:606)
==24771==    by 0x837B69E: ImplYield(bool, bool) (svapp.cxx:451)
==24771==    by 0x8377AD8: Application::Yield(bool) (svapp.cxx:485)
==24771==    by 0x8377A79: Application::Execute() (svapp.cxx:430)
==24771==    by 0x411C263: desktop::Desktop::Main() (app.cxx:1808)
==24771==    by 0x8383E11: ImplSVMain() (svmain.cxx:178)
==24771==    by 0x8383F57: SVMain() (svmain.cxx:215)
==24771==    by 0x4156C81: soffice_main (sofficemain.cxx:79)
==24771==    by 0x400743: sal_main (main.c:34)
==24771==    by 0x400728: main (main.c:33)


Ps don't try to wait the end of opening it takes hours

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
_______________________________________________
Libreoffice-bugs mailing list
Libreoffice-bugs@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs

Reply via email to