Description: Calc crashes when the "steps to reproduce" are followed. Interestingly, opening the Function Wizard window does NOT cause Calc to crash in the following closely related scenarios: - Instead of the =SUM(1) formula, a simpler =1 formula is used. - The formula is =SUM(1), but instead of using the Cmd-F2 keyboard shortcut, the Function Wizard window is opened by clicking on the "fx" icon/button on the formula bar, or by using the menu Insert > Function. Steps to Reproduce: 1. Create a new blank spreadsheet. 2. Enter the =SUM(1) formula in cell A1. 3. Select cell A1 and type Cmd-F2 (Apple/Mac keyboard shortcut). Actual Results: Calc crashes. Expected Results: The Function Wizard window opens. Reproducible: Always User Profile Reset: Yes Additional Info: About LibreOffice: Version: 6.0.2.1 Build ID: f7f06a8f319e4b62f9bc5095aa112a65d2f3ac89 CPU threads: 4; OS: Mac OS X 10.13.3; UI render: default; Locale: en-GB (en_GB.UTF-8); Calc: group User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36
Reproduced in - Version: 6.1.0.0.alpha0+ Build ID: 56fd575d5ee092436f5e864f457063d68b7a5b0a CPU threads: 8; OS: Mac OS X 10.13.3; UI render: GL; Locale: en-US (en_ES.UTF-8); Calc: group - Version: 6.0.2.1 Build ID: f7f06a8f319e4b62f9bc5095aa112a65d2f3ac89 CPU threads: 8; OS: Mac OS X 10.13.3; UI render: default; Locale: en-US (en_ES.UTF-8); Calc: group - Version: 6.0.0.0.alpha1+ Build ID: 6eeac3539ea4cac32d126c5e24141f262eb5a4d9 CPU threads: 8; OS: Mac OS X 10.13.3; UI render: default; Locale: en-US (en_ES.UTF-8); Calc: group threaded but not in Version: 5.4.5.1 Build ID: 79c9829dd5d8054ec39a82dc51cd9eff340dbee8 CPU threads: 8; OS: Mac OS X 10.13.3; UI render: default; Locale: en-US (en_ES.UTF-8); Calc: group
Reproduced in Version: 6.0.0.0.alpha0+ Build ID: 8d2a287da3abb0576512406227d0a3acd602123e CPU threads: 8; OS: Mac OS X 10.13.3; UI render: default; Locale: en-US (en_ES.UTF-8); Calc: group
Regression introduced in range https://cgit.freedesktop.org/libreoffice/core/log/?qt=range&q=b3992ddcd13082a934246b717ae22f57394e6533..40f181207574827827d2bf1b4ad72d46fc8ff1fb
Regression introduced by: author Eike Rathke <erack@redhat.com> 2017-07-16 15:18:09 +0200 committer Eike Rathke <erack@redhat.com> 2017-07-16 15:18:42 +0200 commit bf1ffc64128f5b96d7c2fcc7adc81cbc25e232fd (patch) tree a6908df747fad0c6ef3c721130cf0aba115712cf parent b4cf899ce03fc29a0c8056126386ef41564d8ec6 (diff) FormulaDlg_Impl::UpdateValues: evaluate in force-array context if present Tested by reverting the commit locally. Adding Cc: to Eike Rathke
Can't reproduce on Linux with the equivalent Ctrl+F2
(In reply to Eike Rathke from comment #5) > Can't reproduce on Linux with the equivalent Ctrl+F2 Yep, unfortunately it's only mac... Adding Tor Lillqvist as CC as well...
Can reproduce, yes. Will look into it.
Backtrace from crash. When using the ⌘F2 shortcut, m_pTokenArray is null here. #0 0x000000019ac6bc89 in formula::FormulaDlg_Impl::UpdateValues(bool) at /Users/tml/lo/osx/formula/source/ui/dlg/formula.cxx:573 #1 0x000000019ac70754 in formula::FormulaDlg_Impl::FillControls(bool&, bool&) at /Users/tml/lo/osx/formula/source/ui/dlg/formula.cxx:981 #2 0x000000019ac6facd in formula::FormulaDlg_Impl::FillDialog(bool) at /Users/tml/lo/osx/formula/source/ui/dlg/formula.cxx:852 #3 0x000000019ac760f2 in formula::FormulaDlg_Impl::Update(rtl::OUString const&) at /Users/tml/lo/osx/formula/source/ui/dlg/formula.cxx:1605 #4 0x000000019ac781df in formula::FormulaDlg::Update(rtl::OUString const&) at /Users/tml/lo/osx/formula/source/ui/dlg/formula.cxx:1844 #5 0x00000001a35cf61c in ScFormulaDlg::ScFormulaDlg(SfxBindings*, SfxChildWindow*, vcl::Window*, ScViewData const*, formula::IFunctionManager const*) at /Users/tml/lo/osx/sc/source/ui/formdlg/formula.cxx:179 #6 0x00000001a3d0ef03 in VclPtr<ScFormulaDlg> VclPtr<ScFormulaDlg>::Create<SfxBindings*&, SfxChildWindow*&, vcl::Window*&, ScViewData*, ScFunctionMgr*>(SfxBindings*&&&, SfxChildWindow*&&&, vcl::Window*&&&, ScViewData*&&, ScFunctionMgr*&&) at /Users/tml/lo/osx/include/vcl/vclptr.hxx:131 #7 0x00000001a3d0c63f in ScTabViewShell::CreateRefDialog(SfxBindings*, SfxChildWindow*, SfxChildWinInfo const*, vcl::Window*, unsigned short) at /Users/tml/lo/osx/sc/source/ui/view/tabvwshc.cxx:436 #8 0x00000001a3c6b516 in ScFormulaDlgWrapper::ScFormulaDlgWrapper(vcl::Window*, unsigned short, SfxBindings*, SfxChildWinInfo const*) at /Users/tml/lo/osx/sc/source/ui/view/reffact.cxx:126 #9 0x00000001a3c6809b in ScFormulaDlgWrapper::ScFormulaDlgWrapper(vcl::Window*, unsigned short, SfxBindings*, SfxChildWinInfo const*) at /Users/tml/lo/osx/sc/source/ui/view/reffact.cxx:126 #10 0x00000001a3c6802c in ScFormulaDlgWrapper::CreateImpl(vcl::Window*, unsigned short, SfxBindings*, SfxChildWinInfo*) at /Users/tml/lo/osx/sc/source/ui/view/reffact.cxx:48 #11 0x00000001020e5fd0 in SfxChildWindow::CreateChildWindow(unsigned short, vcl::Window*, SfxBindings*, SfxChildWinInfo const&) at /Users/tml/lo/osx/sfx2/source/appl/childwin.cxx:256 #12 0x000000010219f767 in SfxWorkWindow::CreateChildWin_Impl(SfxChildWin_Impl*, bool) at /Users/tml/lo/osx/sfx2/source/appl/workwin.cxx:1337 #13 0x00000001021a2dc6 in SfxWorkWindow::ToggleChildWindow_Impl(unsigned short, bool) at /Users/tml/lo/osx/sfx2/source/appl/workwin.cxx:1848 #14 0x00000001021a4385 in SfxWorkWindow::SetChildWindow_Impl(unsigned short, bool, bool) at /Users/tml/lo/osx/sfx2/source/appl/workwin.cxx:2046 #15 0x00000001027c108b in SfxViewFrame::SetChildWindow(unsigned short, bool, bool) at /Users/tml/lo/osx/sfx2/source/view/viewfrm.cxx:3031 #16 0x00000001a32650e6 in ScModule::SetRefDialog(unsigned short, bool, SfxViewFrame*) at /Users/tml/lo/osx/sc/source/ui/app/scmod.cxx:1547 #17 0x00000001a3ae9dd0 in ScCellShell::Execute(SfxRequest&) at /Users/tml/lo/osx/sc/source/ui/view/cellsh3.cxx:311 #18 0x00000001a3ab5fb5 in SfxStubScCellShellExecute(SfxShell*, SfxRequest&) at /Users/tml/lo/osx/workdir/SdiTarget/sc/sdi/scslots.hxx:7246 #19 0x0000000102200762 in SfxShell::CallExec(void (*)(SfxShell*, SfxRequest&), SfxRequest&) at /Users/tml/lo/osx/include/sfx2/shell.hxx:211 #20 0x0000000102200431 in SfxDispatcher::Call_Impl(SfxShell&, SfxSlot const&, SfxRequest&, bool) at /Users/tml/lo/osx/sfx2/source/control/dispatch.cxx:355 #21 0x00000001022081a2 in SfxDispatcher::Execute_(SfxShell&, SfxSlot const&, SfxRequest&, SfxCallMode) at /Users/tml/lo/osx/sfx2/source/control/dispatch.cxx:877 #22 0x00000001021ed4b2 in SfxBindings::Execute_Impl(SfxRequest&, SfxSlot const*, SfxShell*) at /Users/tml/lo/osx/sfx2/source/control/bindings.cxx:1071 #23 0x00000001022d8cbb in SfxDispatchController_Impl::dispatch(com::sun::star::util::URL const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&, com::sun::star::uno::Reference<com::sun::star::frame::XDispatchResultListener> const&) at /Users/tml/lo/osx/sfx2/source/control/unoctitm.cxx:758 #24 0x00000001022d74ee in SfxOfficeDispatch::dispatch(com::sun::star::util::URL const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) at /Users/tml/lo/osx/sfx2/source/control/unoctitm.cxx:226 #25 0x0000000185c78eed in framework::MenuBarManager::Select(Menu*) at /Users/tml/lo/osx/framework/source/uielement/menubarmanager.cxx:902 #26 0x0000000185c78708 in framework::MenuBarManager::LinkStubSelect(void*, Menu*) at /Users/tml/lo/osx/framework/source/uielement/menubarmanager.cxx:838 #27 0x0000000107a5aeaf in Link<Menu*, bool>::Call(Menu*) const at /Users/tml/lo/osx/include/tools/link.hxx:84 #28 0x0000000107a5bbc8 in Menu::Select() at /Users/tml/lo/osx/vcl/source/window/menu.cxx:359 #29 0x0000000107a68e80 in Menu::ImplCallSelect(void*) at /Users/tml/lo/osx/vcl/source/window/menu.cxx:2132 #30 0x0000000107a5bb18 in Menu::LinkStubImplCallSelect(void*, void*) at /Users/tml/lo/osx/vcl/source/window/menu.cxx:2129 #31 0x0000000107bb6e18 in Link<void*, void>::Call(void*) const at /Users/tml/lo/osx/include/tools/link.hxx:84 #32 0x0000000107bb472c in ImplHandleUserEvent(ImplSVEvent*) at /Users/tml/lo/osx/vcl/source/window/winproc.cxx:1928 #33 0x0000000107bb138e in ImplWindowFrameProc(vcl::Window*, SalEvent, void const*) at /Users/tml/lo/osx/vcl/source/window/winproc.cxx:2479 #34 0x00000001083ad085 in SalFrame::CallCallback(SalEvent, void const*) const at /Users/tml/lo/osx/vcl/inc/salframe.hxx:279 #35 0x00000001083ad00a in AquaSalInstance::ProcessEvent(SalUserEventList::SalUserEvent) at /Users/tml/lo/osx/vcl/osx/salinst.cxx:425 #36 0x00000001081d3eea in SalUserEventList::DispatchUserEvents(bool) at /Users/tml/lo/osx/vcl/source/app/salusereventlist.cxx:109 #37 0x00000001083ae0be in AquaSalInstance::DoYield(bool, bool) at /Users/tml/lo/osx/vcl/osx/salinst.cxx:587 #38 0x000000010823e169 in ImplYield(bool, bool) at /Users/tml/lo/osx/vcl/source/app/svapp.cxx:470 #39 0x000000010823da74 in Application::Yield() at /Users/tml/lo/osx/vcl/source/app/svapp.cxx:535 #40 0x000000010823d9f1 in Application::Execute() at /Users/tml/lo/osx/vcl/source/app/svapp.cxx:450 #41 0x00000001004401d1 in desktop::Desktop::Main() at /Users/tml/lo/osx/desktop/source/app/app.cxx:1633 #42 0x000000010824f83b in ImplSVMain() at /Users/tml/lo/osx/vcl/source/app/svmain.cxx:198 #43 0x00000001083ad2c5 in AquaSalInstance::handleAppDefinedEvent(NSEvent*) at /Users/tml/lo/osx/vcl/osx/salinst.cxx:464 #44 0x0000000108511fd0 in ::-[VCL_NSApplication sendEvent:](NSEvent *) at /Users/tml/lo/osx/vcl/osx/vclnsapp.mm:99 #45 0x00007fff353ea8b5 in -[NSApplication run] () #46 0x00007fff353b9a72 in NSApplicationMain () #47 0x00000001083ab9aa in ImplSVMainHook(int*) at /Users/tml/lo/osx/vcl/osx/salinst.cxx:224 #48 0x000000010825257c in SVMain() at /Users/tml/lo/osx/vcl/source/app/svmain.cxx:233 #49 0x00000001004b99da in ::soffice_main() at /Users/tml/lo/osx/desktop/source/app/sofficemain.cxx:170 #50 0x0000000100000f5d in sal_main at /Users/tml/lo/osx/desktop/source/app/main.c:48 #51 0x0000000100000f37 in main at /Users/tml/lo/osx/desktop/source/app/main.c:47
When using the menu entry instead, m_pTokenArray gets set at: #0 0x0000000186d0afcf in formula::FormulaDlg_Impl::UpdateTokenArray(rtl::OUString const&) at /Users/tml/lo/osx/formula/source/ui/dlg/formula.cxx:829 #1 0x0000000186d0a964 in formula::FormulaDlg_Impl::CalcStruct(rtl::OUString const&, bool) at /Users/tml/lo/osx/formula/source/ui/dlg/formula.cxx:638 #2 0x0000000186d140e1 in formula::FormulaDlg_Impl::Update(rtl::OUString const&) at /Users/tml/lo/osx/formula/source/ui/dlg/formula.cxx:1604 #3 0x0000000186d161df in formula::FormulaDlg::Update(rtl::OUString const&) at /Users/tml/lo/osx/formula/source/ui/dlg/formula.cxx:1844 #4 0x000000018c1d061c in ScFormulaDlg::ScFormulaDlg(SfxBindings*, SfxChildWindow*, vcl::Window*, ScViewData const*, formula::IFunctionManager const*) at /Users/tml/lo/osx/sc/source/ui/formdlg/formula.cxx:179 #5 0x000000018c90ff03 in VclPtr<ScFormulaDlg> VclPtr<ScFormulaDlg>::Create<SfxBindings*&, SfxChildWindow*&, vcl::Window*&, ScViewData*, ScFunctionMgr*>(SfxBindings*&&&, SfxChildWindow*&&&, vcl::Window*&&&, ScViewData*&&, ScFunctionMgr*&&) at /Users/tml/lo/osx/include/vcl/vclptr.hxx:131 #6 0x000000018c90d63f in ScTabViewShell::CreateRefDialog(SfxBindings*, SfxChildWindow*, SfxChildWinInfo const*, vcl::Window*, unsigned short) at /Users/tml/lo/osx/sc/source/ui/view/tabvwshc.cxx:436 #7 0x000000018c86c516 in ScFormulaDlgWrapper::ScFormulaDlgWrapper(vcl::Window*, unsigned short, SfxBindings*, SfxChildWinInfo const*) at /Users/tml/lo/osx/sc/source/ui/view/reffact.cxx:126 #8 0x000000018c86909b in ScFormulaDlgWrapper::ScFormulaDlgWrapper(vcl::Window*, unsigned short, SfxBindings*, SfxChildWinInfo const*) at /Users/tml/lo/osx/sc/source/ui/view/reffact.cxx:126 #9 0x000000018c86902c in ScFormulaDlgWrapper::CreateImpl(vcl::Window*, unsigned short, SfxBindings*, SfxChildWinInfo*) at /Users/tml/lo/osx/sc/source/ui/view/reffact.cxx:48 #10 0x00000001020e5fd0 in SfxChildWindow::CreateChildWindow(unsigned short, vcl::Window*, SfxBindings*, SfxChildWinInfo const&) at /Users/tml/lo/osx/sfx2/source/appl/childwin.cxx:256 #11 0x000000010219f767 in SfxWorkWindow::CreateChildWin_Impl(SfxChildWin_Impl*, bool) at /Users/tml/lo/osx/sfx2/source/appl/workwin.cxx:1337 #12 0x00000001021a2dc6 in SfxWorkWindow::ToggleChildWindow_Impl(unsigned short, bool) at /Users/tml/lo/osx/sfx2/source/appl/workwin.cxx:1848 #13 0x00000001021a4385 in SfxWorkWindow::SetChildWindow_Impl(unsigned short, bool, bool) at /Users/tml/lo/osx/sfx2/source/appl/workwin.cxx:2046 #14 0x00000001027c108b in SfxViewFrame::SetChildWindow(unsigned short, bool, bool) at /Users/tml/lo/osx/sfx2/source/view/viewfrm.cxx:3031 #15 0x000000018be660e6 in ScModule::SetRefDialog(unsigned short, bool, SfxViewFrame*) at /Users/tml/lo/osx/sc/source/ui/app/scmod.cxx:1547 #16 0x000000018c6eadd0 in ScCellShell::Execute(SfxRequest&) at /Users/tml/lo/osx/sc/source/ui/view/cellsh3.cxx:311 But when using the shortcut, it still is null.
The problem is the lovely "optimisation" in FormulaDlg_Impl::CalcStruct(), "Only calculate the value when there isn't any more keyboard input". For some reason, on macOS, when being invoked through the shortcut, that Application::AnyInput( VclInputFlags::KEYBOARD ) returns true, so the code thinks that "there is more keyboard input" and won't call UpdateTokenArray(), which sets m_pTokenArray. I wonder if this means that one could possibly reproduce this on Linux, too, by just having the Ctrl-F2 auto-repeat long enough, or something? Anyway, I think that optmisation is questionable, especially as the exact semantics of our horrible event loop API, like Application::AnyInput(), is under-defined and probably can and will change in various minor ways when people work on improving it on the Mac (and perhaps other platforms, too). (The event loop etc certainly needs improvement on the Mac, the "WindowServer grows to tens of gigabytes when running make check" issue is related. Unfortunately nobody has come up with a simple fix for that yet, exactly because we use our event loop related APIs in so imaginative ways all over the code, and fixing one thing breaks another.) Anyway, will submit a change that drops the "Only calculate the value when there isn't any more keyboard input" optimisation.
Suggested fix at https://gerrit.libreoffice.org/#/c/54448/
Tor Lillqvist committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=16f784b10695d1d3212463f96f597c665a90a8e2 tdf#116511: Drop questionable check for more keyboard input It will be available in 6.1.0. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Tor Lillqvist committed a patch related to this issue. It has been pushed to "libreoffice-6-0": http://cgit.freedesktop.org/libreoffice/core/commit/?id=7245c6fdadce1e3b04ccdf839f0f688fcfdcad09&h=libreoffice-6-0 tdf#116511: Drop questionable check for more keyboard input It will be available in 6.0.5. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Verified in Version: 6.1.0.0.alpha1+ Build ID: 8d42de21c10bfefeaffabc5c939e7830a09f7dca CPU threads: 8; OS: Mac OS X 10.13.3; UI render: GL; TinderBox: MacOSX-x86_64@49-TDF, Branch:master, Time: 2018-05-24_03:38:39 Locale: en-US (en_ES.UTF-8); Calc: group @Tor, Thanks for fixing this!!