Summary: | kde5: Crash when navigating tree in accerciser (Accessibility Explorer) | ||
---|---|---|---|
Product: | LibreOffice | Reporter: | Michael Weghorn <m.weghorn> |
Component: | UI | Assignee: | Michael Weghorn <m.weghorn> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | m.weghorn, xiscofauli |
Priority: | medium | ||
Version: | 6.3.0.0.alpha0+ | ||
Hardware: | All | ||
OS: | Linux (All) | ||
Whiteboard: | target:6.4.0 target:6.2.5 target:6.3.0.1 | ||
Crash report or crash signature: | Regression By: | ||
Bug Depends on: | |||
Bug Blocks: | 102495 | ||
Attachments: |
Video showing what to do in accerciser to make LibreOffice crash
gdb backtrace at the problematic place Screenshot of accerciser with gtk3 and problematic offset |
Description
Michael Weghorn
2018-12-19 15:10:53 UTC
Hi Michael Weghorn, is this issue still reproducible in master ? (In reply to Xisco Faulí from comment #1) > Hi Michael Weghorn, > is this issue still reproducible in master ? Yes, still reproducible with Version: 6.3.0.0.alpha0+ Build ID: fef58ec13c548fbd692adabafb0a84f50c273146 CPU threads: 2; OS: Linux 4.19; UI render: default; VCL: kde5; TinderBox: Linux-rpm_deb-x86_64@86-TDF, Branch:master, Time: 2019-01-21_04:32:52 Locale: en-US (en_DK.UTF-8); UI-Language: en-US Calc: threaded Thanks. Moving to NEW Tentative duplicate of bug 122056 Created attachment 151790 [details]
gdb backtrace at the problematic place
Created attachment 151791 [details]
Screenshot of accerciser with gtk3 and problematic offset
The problem is that 'Qt5AccessibleWidget::attributes' is called with 'offset' having the same value as the length of the text for the status bar entry and that causes and IndexOutOfBoundsException (maximum index allowed is length -1).
The problematic index can also be observed when e.g. using the gtk3 VCL plugin for LibreOffice and navigating to the entry in accerciser.
The attached screenshot shows accerciser with offset 11 used for a text of length 11 ("Page 1 of 1"). It can be seen that no text attributes are shown and "Start" and "End" are set to random (uninitialized) values, while all of those have reasonable values when using a lower value for the offset.
It'd need further investigation what exactly is allowed here.
I'll upload a patch that will make qt5 also ignore invalid offsets.
Change in Gerrit: https://gerrit.libreoffice.org/73225 Michael Weghorn committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/+/93c81657c6111b4bb97a2bb9ec155465f9a6f523%5E%21 tdf#122200 Qt5AccessibleWidget: Handle special offset values It will be available in 6.4.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback. Fixed in master now; pending backports for 6.2 and 6.3: https://gerrit.libreoffice.org/#/c/73378/ https://gerrit.libreoffice.org/#/c/73379/ Michael Weghorn committed a patch related to this issue. It has been pushed to "libreoffice-6-2": https://git.libreoffice.org/core/+/0b904a8b3ceb648cf6466cb33f07310a3c70f793%5E%21 tdf#122200 Qt5AccessibleWidget: Handle special offset values It will be available in 6.2.5. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback. Michael Weghorn committed a patch related to this issue. It has been pushed to "libreoffice-6-3": https://git.libreoffice.org/core/+/5b54a62b086726f854a474623e1330b28b7984b7%5E%21 tdf#122200 Qt5AccessibleWidget: Handle special offset values It will be available in 6.3.0.1. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback. |