https://bz.apache.org/ooo/show_bug.cgi?id=127783
--- Comment #12 from [email protected] --- The latest trunk still crashes on FreeBSD/amd64, with the same kind of stack trace I posted in comment 6. Note how even in that comment: #14 0x000000080e6d36fc in SdPage::SetAutoLayout(AutoLayout, unsigned char, unsigned char) (this=0x8, eLayout=<optimized out>, bInit=1 '\001', bCreate=<optimized out>) at source/core/sdpage.cxx:1575 This "this=0x8" is definitely wrong. Also frame 15 passes different values to that method to what frame 14 sees. If we put a breakpoint on the frame 15 line of code, and step into the frame 14 method, the frame 14 parameters are passed and received correctly. In other words, STACK CORRUPTION occurs later, corrupting the stack as deep as frame 14!!! This is then a potential security issue too. -- You are receiving this mail because: You are the assignee for the issue.
