Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.

To: Vincent Lefevre <vincent@vinc17.net>
Cc: Rene Engelhard <rene@debian.org>, 595229@bugs.debian.org, Julien Danjou <acid@debian.org>
Subject: Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
From: Michael Meeks <michael.meeks@novell.com>
Date: Mon, 06 Sep 2010 12:17:53 +0200
Message-id: <[🔎] 1283768273.14362.18.camel@linux-iwk5.site>
Reply-to: michael.meeks@novell.com, 595229@bugs.debian.org
In-reply-to: <[🔎] 20100906093202.GK26553@prunille.vinc17.org>
References: <[🔎] 20100902090658.GA1916@ypig.lip.ens-lyon.fr> <[🔎] 20100902093830.GC17860@rene-engelhard.de> <[🔎] 20100902102149.GT26553@prunille.vinc17.org> <[🔎] 1283427768.3947.86.camel@linux-iwk5.site> <[🔎] 20100902135757.GA26553@prunille.vinc17.org> <[🔎] 1283764429.14362.10.camel@linux-iwk5.site> <[🔎] 20100906093202.GK26553@prunille.vinc17.org>

Hi Vincent,

On Mon, 2010-09-06 at 11:32 +0200, Vincent Lefevre wrote:
> > 	And send in /tmp/val-log ( probably best compressed unless you can
> > supress the runaway java nonsense ;-). Hopefully that will pin-point the
> > heap corruption to the line.
> 
> It's only 34 KB. Attached.

	Wonderful ;-) thanks for that - it seems to show the bug in an
interaction with freetype:

==21743== Invalid read of size 8
==21743==    at 0xC059F30: FT_Done_Glyph
(in /usr/lib/libfreetype.so.6.6.0)
==21743==    by 0x93DE72E: FreetypeServerFont::InitGlyphData(int,
GlyphData&) const (in /usr/lib/openoffice/basis3.2/program/libvcllx.so)
..
==21743==  Address 0x18 is not stack'd, malloc'd or (recently) free'd

	which triggers the segv handler:

==21743== Conditional jump or move depends on uninitialised value(s)
==21743==    at 0x4E5CF96: SignalHandlerFunction
(in /usr/lib/ure/lib/libuno_sal.so.3)
==21743==    by 0x5C771DF: ??? (in /lib/libc-2.11.2.so)
..

	Unfortunately, you didn't install the debuginfo symbols [ or you are
using some architecture valgrind can't unwind ]. 

	Any chance you can install the freetype and OO.o debuginfo and get
another valgrind trace ? [ Rene what packages / commands would Vincent
need for that ] ?

	Thanks,

		Michael.

-- 
 michael.meeks@novell.com  <><, Pseudo Engineer, itinerant idiot

Reply to:

Follow-Ups:
- Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
  - From: Vincent Lefevre <vincent@vinc17.net>

References:
- Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
  - From: Vincent Lefevre <vincent@vinc17.net>
- Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
  - From: Rene Engelhard <rene@debian.org>
- Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
  - From: Vincent Lefevre <vincent@vinc17.net>
- Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
  - From: Michael Meeks <michael.meeks@novell.com>
- Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
  - From: Vincent Lefevre <vincent@vinc17.net>
- Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
  - From: Michael Meeks <michael.meeks@novell.com>
- Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
  - From: Vincent Lefevre <vincent@vinc17.net>

Prev by Date: Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
Next by Date: Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
Previous by thread: Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
Next by thread: Bug#595229: openoffice.org crashed then froze with _XAllocID: Assertion `ret != inval_id' failed.
Index(es):
- Date
- Thread