124635 – CRASH: Opening file on Linux

Bug 124635 - CRASH: Opening file on Linux

Summary: CRASH: Opening file on Linux

Status:	RESOLVED FIXED

Alias:	None

Product:	LibreOffice
Classification:	Unclassified
Component:	Writer (show other bugs)
Version: (earliest affected)	6.0.0.0.alpha0+
Hardware:	All Linux (All)

Importance:	medium normal
Assignee:	Stephan Bergmann

URL:
Whiteboard:	target:6.3.0
Keywords:	bibisected, bisected, haveBacktrace, regression

Depends on:
Blocks:	File-Opening
	Show dependency tree / graph

Reported:	2019-04-09 22:43 UTC by Xisco Faulí
Modified:	2019-04-25 15:41 UTC (History)
CC List:	5 users (show)

See Also:	124962
Crash report or crash signature:

Attachments
gdb backtrace (42.73 KB, text/x-log) 2019-04-09 22:43 UTC, Xisco Faulí	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Xisco Faulí 2019-04-09 22:43:25 UTC

Created attachment 150635 [details]
gdb backtrace

Steps to reproduce:
1. Open attachment 96191 [details] from bug 76293

-> Crash

Reproduced in

Version: 6.3.0.0.alpha0+
Build ID: 040a54d89e8ca33171e86647ced8dc58efd85fbe
CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: gtk3; 
Locale: ca-ES (ca_ES.UTF-8); UI-Language: en-US
Calc: threaded

but not in

Version: 6.3.0.0.alpha0+
Build ID: d31d77b7199ecc9a7edc899d9703e9da52d5cbd1
CPU threads: 1; OS: Windows 6.1; UI render: default; VCL: win; 
TinderBox: Win-x86@42, Branch:master, Time: 2019-04-01_00:04:09
Locale: es-ES (es_ES); UI-Language: en-US
Calc: threaded

Comment 1 Xisco Faulí 2019-04-09 22:54:28 UTC

Regression introduced by:

https://cgit.freedesktop.org/libreoffice/core/commit/?id=3840aede596e6fc24f7ed7df9100fb028134aac6

author	Jan-Marek Glogowski <glogow@fbihome.de>	2017-08-15 08:05:51 +0200
committer	Jan-Marek Glogowski <glogow@fbihome.de>	2017-09-19 09:25:14 +0200
commit 3840aede596e6fc24f7ed7df9100fb028134aac6 (patch)
tree 74d1d5efa3b2ad5448181fc185faf226aed192e4
parent 10b49dfb3996f99dec8dd0d2ffae2aef4022f395 (diff)
Unify SolarMutex implementations

Bisected with: bibisect-linux64-6.0

Adding Cc: to Jan-Marek Glogowski

Comment 2 Buovjaga 2019-04-17 17:40:41 UTC

No crash.

Arch Linux 64-bit
Version: 6.3.0.0.alpha0+
Build ID: d7f4f5650dd2c7fe1ccec50efd806e695b8bc18a
CPU threads: 8; OS: Linux 5.0; UI render: default; VCL: gtk3; 
Locale: fi-FI (fi_FI.UTF-8); UI-Language: en-US
Calc: threaded
Built on 17 April 2019

Comment 3 Jan-Marek Glogowski 2019-04-21 06:22:03 UTC

The real problem is:

commit 2eb36dc4b846ab5886ae71fd2978b56b2a2d1d08
Author: Stephan Bergmann <sbergman@redhat.com>
Date:   Thu Sep 26 22:30:11 2013 +0200

    Hack to not leave SolarMutex released after g_main_loop_run call
    
    Change-Id: I26923469d08308233ce3fabe749806c16d75cecd

My guess is a patch equal to the following commit will help:

commit a10cfc4865da9a1a5da0090f0a65dfb62c7010e2
Author: Mike Kaganski <mike.kaganski@collabora.com>
Date:   Fri Apr 5 15:24:31 2019 +0300

    tdf#123502: Make sure to hold the mutex before releasing it

I'm not sure I understand the "HACK" nature, since we always run the main loop without locks.
But to release the lock you have to have it.

Comment 4 Xisco Faulí 2019-04-22 13:17:25 UTC

Adding Stephan bergmann to the loop based on comment 3

Comment 5 Commit Notification 2019-04-23 18:09:49 UTC

Stephan Bergmann committed a patch related to this issue.
It has been pushed to "master":

https://git.libreoffice.org/core/+/0a04150b6eefb5feb7ecefaa5cd63dbac8c1574f%5E%21

tdf#124635 MountOperation::Mount can be called with SolarMutex unlocked

It will be available in 6.3.0.

The patch should be included in the daily builds available at
https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
https://wiki.documentfoundation.org/Testing_Daily_Builds

Affected users are encouraged to test the fix and report feedback.

Comment 6 Xisco Faulí 2019-04-25 15:19:32 UTC

Hello Stephan,
in

Version: 6.3.0.0.alpha0+
Build ID: fad98c8641342a77241124dd98e0cb781daef4ad
CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: gtk3; 
Locale: ca-ES (ca_ES.UTF-8); UI-Language: en-US
Calc: threaded

I can open the file but LibreOffice crashes while closing afterwards

Comment 7 Stephan Bergmann 2019-04-25 15:29:47 UTC

(In reply to Xisco Faulí from comment #6)
> I can open the file but LibreOffice crashes while closing afterwards

That appears to be an unrelated issue.  Please file a new bug.  (Backtrace for me is

> #0  0x00007f18ed7cb358 in __gnu_cxx::__exchange_and_add(int volatile*, int) (__mem=0x7f18e7a9fcc8 <_cairo_gstate_update_device_transform+8>, __val=-1) at /usr/include/c++/8/ext/atomicity.h:49
> #1  0x00007f18ed7cb319 in __gnu_cxx::__exchange_and_add_dispatch(int*, int) (__mem=0x7f18e7a9fcc8 <_cairo_gstate_update_device_transform+8>, __val=-1) at /usr/include/c++/8/ext/atomicity.h:82
> #2  0x00007f18ed7cbde8 in std::_Sp_counted_base<(__gnu_cxx::_Lock_policy)2>::_M_release() (this=0x7f18e7a9fcc0 <_cairo_gstate_update_device_transform>) at /usr/include/c++/8/bits/shared_ptr_base.h:152
> #3  0x00007f18ed7cc508 in std::__shared_count<(__gnu_cxx::_Lock_policy)2>::operator=(std::__shared_count<(__gnu_cxx::_Lock_policy)2> const&) (this=0x81ca370, __r=...) at /usr/include/c++/8/bits/shared_ptr_base.h:747
> #4  0x00007f18ede63512 in std::__shared_ptr<ImpGraphic, (__gnu_cxx::_Lock_policy)2>::operator=(std::__shared_ptr<ImpGraphic, (__gnu_cxx::_Lock_policy)2> const&) (this=0x81ca368) at /usr/include/c++/8/bits/shared_ptr_base.h:1166
> #5  0x00007f18ede62f8a in std::shared_ptr<ImpGraphic>::operator=(std::shared_ptr<ImpGraphic> const&) (this=0x81ca368) at /usr/include/c++/8/bits/shared_ptr.h:309
> #6  0x00007f18ede60866 in Graphic::operator=(Graphic const&) (this=0x81ca368, rGraphic=...) at /data/sbergman/lo-clang2/core/vcl/source/gdi/graph.cxx:277
> #7  0x00007f18ee0741b1 in GraphicObject::SetGraphic(Graphic const&, GraphicObject const*) (this=0x81ca368, rGraphic=...) at /data/sbergman/lo-clang2/core/vcl/source/graphic/GraphicObject.cxx:618
> #8  0x00007f18ee0741e8 in GraphicObject::SetGraphic(Graphic const&, rtl::OUString const&) (this=0x81ca368, rGraphic=...) at /data/sbergman/lo-clang2/core/vcl/source/graphic/GraphicObject.cxx:623
> #9  0x00007f180ae9c98c in SwGrfNode::SetGraphic(Graphic const&) (this=0x81ca280, rGraphic=...) at /data/sbergman/lo-clang2/core/sw/source/core/graphic/ndgrf.cxx:364
> #10 0x00007f180acc7fe7 in SwBaseLink::DataChanged(rtl::OUString const&, com::sun::star::uno::Any const&) (this=0x81d8520, rMimeType="application/x-openoffice-svxb;windows_formatname=\"SVXB (StarView Bitmap/Animation)\"", rValue=uno::Any("string": "file://cms.proximedia.com/DavWWWRoot/files/26712/MediaArchive/chinese_shar_pei_2.jpg")) at /data/sbergman/lo-clang2/core/sw/source/core/docnode/swbaslnk.cxx:162
> #11 0x00007f180acc902a in SwBaseLink::SwapIn(bool, bool) (this=0x81d8520, bWaitForData=false, bNativFormat=false) at /data/sbergman/lo-clang2/core/sw/source/core/docnode/swbaslnk.cxx:299
> #12 0x00007f180ae9caaa in SwGrfNode::SwapIn(bool) (this=0x81ca280, bWaitForData=false) at /data/sbergman/lo-clang2/core/sw/source/core/graphic/ndgrf.cxx:456
> #13 0x00007f180ae9cd1c in SwGrfNode::GetGrfObj(bool) const (this=0x81ca280, bWait=false) at /data/sbergman/lo-clang2/core/sw/source/core/graphic/ndgrf.cxx:376
> #14 0x00007f180ab600ea in SwNoTextFrame::PaintPicture(OutputDevice*, SwRect const&) const (this=0x830b9b0, pOut=0x8487b90, rGrfArea=SwRect = {...}) at /data/sbergman/lo-clang2/core/sw/source/core/doc/notxtfrm.cxx:1095
> #15 0x00007f180ab5f307 in SwNoTextFrame::PaintSwFrame(OutputDevice&, SwRect const&, SwPrintData const*) const (this=0x830b9b0, rRenderContext=..., rRect=SwRect = {...}) at /data/sbergman/lo-clang2/core/sw/source/core/doc/notxtfrm.cxx:317
> #16 0x00007f180afa1b00 in SwLayoutFrame::PaintSwFrame(OutputDevice&, SwRect const&, SwPrintData const*) const (this=0x830b290, rRenderContext=..., rRect=SwRect = {...}) at /data/sbergman/lo-clang2/core/sw/source/core/layout/paintfrm.cxx:3398
> #17 0x00007f180afa68b1 in SwFlyFrame::PaintSwFrame(OutputDevice&, SwRect const&, SwPrintData const*) const (this=0x830b290, rRenderContext=..., rRect=SwRect = {...}) at /data/sbergman/lo-clang2/core/sw/source/core/layout/paintfrm.cxx:4089
> #18 0x00007f180acef016 in SwVirtFlyDrawObj::wrap_DoPaintObject(drawinglayer::geometry::ViewInformation2D const&) const (this=0x82979a0, rViewInformation=...) at /data/sbergman/lo-clang2/core/sw/source/core/draw/dflyobj.cxx:530
> #19 0x00007f180aceee60 in drawinglayer::primitive2d::SwVirtFlyDrawObjPrimitive::get2DDecomposition(drawinglayer::primitive2d::Primitive2DDecompositionVisitor&, drawinglayer::geometry::ViewInformation2D const&) const (this=0x83f56e0, rVisitor=..., rViewInformation=...) at /data/sbergman/lo-clang2/core/sw/source/core/draw/dflyobj.cxx:234
> #20 0x00007f18e93b8088 in drawinglayer::processor2d::BaseProcessor2D::process(drawinglayer::primitive2d::BasePrimitive2D const&) (this=0x8ca1e50, rCandidate=...) at /data/sbergman/lo-clang2/core/drawinglayer/source/processor2d/baseprocessor2d.cxx:47
> #21 0x00007f18e93e49ad in drawinglayer::processor2d::VclPixelProcessor2D::processBasePrimitive2D(drawinglayer::primitive2d::BasePrimitive2D const&) (this=0x8ca1e50, rCandidate=...) at /data/sbergman/lo-clang2/core/drawinglayer/source/processor2d/vclpixelprocessor2d.cxx:418
> #22 0x00007f18e93b82a5 in drawinglayer::processor2d::BaseProcessor2D::process(drawinglayer::primitive2d::Primitive2DContainer const&) (this=0x8ca1e50, rSource=...) at /data/sbergman/lo-clang2/core/drawinglayer/source/processor2d/baseprocessor2d.cxx:70
> #23 0x00007f18f05eac7f in sdr::contact::ObjectContactOfPageView::DoProcessDisplay(sdr::contact::DisplayInfo&) (this=0x7f08070, rDisplayInfo=...) at /data/sbergman/lo-clang2/core/svx/source/sdr/contact/objectcontactofpageview.cxx:293
> #24 0x00007f18f05ea3f8 in sdr::contact::ObjectContactOfPageView::ProcessDisplay(sdr::contact::DisplayInfo&) (this=0x7f08070, rDisplayInfo=...) at /data/sbergman/lo-clang2/core/svx/source/sdr/contact/objectcontactofpageview.cxx:120
> #25 0x00007f18f0689417 in SdrPageWindow::RedrawLayer(o3tl::strong_int<unsigned char, SdrLayerIDTag> const*, sdr::contact::ViewObjectContactRedirector*, basegfx::B2IRange const*) (this=0x8303e90, pId=0x7ffea11e5450, pRedirector=0x7ffea11e5fa0, pPageFrame=0x7ffea11e56e8) at /data/sbergman/lo-clang2/core/svx/source/svdraw/sdrpagewindow.cxx:402
> #26 0x00007f18f095012a in SdrPageView::DrawLayer(o3tl::strong_int<unsigned char, SdrLayerIDTag>, OutputDevice*, sdr::contact::ViewObjectContactRedirector*, tools::Rectangle const&, basegfx::B2IRange const*) (this=0x830db10, nID=..., pGivenTarget=0x8487b90, pRedirector=0x7ffea11e5fa0, rRect=..., pPageFrame=0x7ffea11e56e8) at /data/sbergman/lo-clang2/core/svx/source/svdraw/svdpagv.cxx:313
> #27 0x00007f180b6e32ed in SwViewShellImp::PaintLayer(o3tl::strong_int<unsigned char, SdrLayerIDTag>, SwPrintData const*, SwPageFrame const&, SwRect const&, Color const*, bool, sdr::contact::ViewObjectContactRedirector*) (this=0x8309730, _nLayerID=..., pPrintData=0x0, rPageFrame=..., aPaintRect=SwRect = {...}, _pPageBackgrdColor=0x7ffea11e5ee8, _bIsPageRightToLeft=false, pRedirector=0x7ffea11e5fa0) at /data/sbergman/lo-clang2/core/sw/source/core/view/vdraw.cxx:148
> #28 0x00007f180af9ab2d in SwRootFrame::PaintSwFrame(OutputDevice&, SwRect const&, SwPrintData const*) const (this=0x830a390, rRenderContext=..., rRect=SwRect = {...}, pPrintData=0x0) at /data/sbergman/lo-clang2/core/sw/source/core/layout/paintfrm.cxx:3138
> #29 0x00007f180b6f44b8 in SwViewShell::Paint(OutputDevice&, tools::Rectangle const&) (this=0x81e0970, rRenderContext=..., rRect=...) at /data/sbergman/lo-clang2/core/sw/source/core/view/viewsh.cxx:1843
> #30 0x00007f180a7b022f in SwCursorShell::Paint(OutputDevice&, tools::Rectangle const&) (this=0x81e0970, rRenderContext=..., rRect=...) at /data/sbergman/lo-clang2/core/sw/source/core/crsr/crsrsh.cxx:1411
> #31 0x00007f180bb53702 in SwEditWin::Paint(OutputDevice&, tools::Rectangle const&) (this=0x82ea4c0, rRenderContext=..., rRect=...) at /data/sbergman/lo-clang2/core/sw/source/uibase/docvw/edtwin2.cxx:448
> #32 0x00007f18ed7ce5db in PaintHelper::DoPaint(vcl::Region const*) (this=0x7ffea11e6e20, pRegion=0x0) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:300
> #33 0x00007f18ed7d0304 in vcl::Window::ImplCallPaint(vcl::Region const*, ImplPaintFlags) (this=0x82ea4c0, pRegion=0x0, nPaintFlags=(ImplPaintFlags::PaintChildren | ImplPaintFlags::Erase)) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:604
> #34 0x00007f18ed7cfb36 in PaintHelper::~PaintHelper() (this=0x7ffea11e70d0) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:540
> #35 0x00007f18ed7d0377 in vcl::Window::ImplCallPaint(vcl::Region const*, ImplPaintFlags) (this=0x81c3640, pRegion=0x0, nPaintFlags=ImplPaintFlags::PaintChildren) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:610
> #36 0x00007f18ed7cfb36 in PaintHelper::~PaintHelper() (this=0x7ffea11e7380) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:540
> #37 0x00007f18ed7d0377 in vcl::Window::ImplCallPaint(vcl::Region const*, ImplPaintFlags) (this=0x82f6800, pRegion=0x0, nPaintFlags=ImplPaintFlags::PaintChildren) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:610
> #38 0x00007f18ed7cfb36 in PaintHelper::~PaintHelper() (this=0x7ffea11e7630) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:540
> #39 0x00007f18ed7d0377 in vcl::Window::ImplCallPaint(vcl::Region const*, ImplPaintFlags) (this=0x80eb5b0, pRegion=0x0, nPaintFlags=ImplPaintFlags::PaintChildren) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:610
> #40 0x00007f18ed7cfb36 in PaintHelper::~PaintHelper() (this=0x7ffea11e78e0) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:540
> #41 0x00007f18ed7d0377 in vcl::Window::ImplCallPaint(vcl::Region const*, ImplPaintFlags) (this=0x1caf800, pRegion=0x0, nPaintFlags=ImplPaintFlags::PaintChildren) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:610
> #42 0x00007f18ed7cfb36 in PaintHelper::~PaintHelper() (this=0x7ffea11e7b90) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:540
> #43 0x00007f18ed7d0377 in vcl::Window::ImplCallPaint(vcl::Region const*, ImplPaintFlags) (this=0x1ff5870, pRegion=0x0, nPaintFlags=ImplPaintFlags::PaintChildren) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:610
> #44 0x00007f18ed7d04da in vcl::Window::ImplCallOverlapPaint() (this=0x1ff5870) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:628
> #45 0x00007f18ed7d0649 in vcl::Window::ImplHandlePaintHdl(Timer*) (this=0x1ff5870) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:649
> #46 0x00007f18ed7d0520 in vcl::Window::LinkStubImplHandlePaintHdl(void*, Timer*) (instance=0x1ff5870, data=0x2169890) at /data/sbergman/lo-clang2/core/vcl/source/window/paint.cxx:632
> #47 0x00007f18ee1f3e78 in Link<Timer*, void>::Call(Timer*) const (this=0x21698b0, data=0x2169890) at /data/sbergman/lo-clang2/core/include/tools/link.hxx:84
> #48 0x00007f18ee1f3c95 in Timer::Invoke() (this=0x2169890) at /data/sbergman/lo-clang2/core/vcl/source/app/timer.cxx:77
> #49 0x00007f18ee19e3e6 in Scheduler::ProcessTaskScheduling() () at /data/sbergman/lo-clang2/core/vcl/source/app/scheduler.cxx:477
> #50 0x00007f18ee19d4dd in Scheduler::CallbackTaskScheduling() () at /data/sbergman/lo-clang2/core/vcl/source/app/scheduler.cxx:285
> #51 0x00007f18d943b256 in SalTimer::CallCallback() (this=0x1d89cf0) at /data/sbergman/lo-clang2/core/vcl/inc/saltimer.hxx:55
> #52 0x00007f18d9439c83 in sal_gtk_timeout_dispatch(_GSource*, int (*)(void*), void*) (pSource=0x8697ce0) at /data/sbergman/lo-clang2/core/vcl/unx/gtk3/gtk3gtkdata.cxx:761
> #53 0x00007f18e7c5e06d in g_main_dispatch (context=0x5486f0) at /usr/src/debug/glib2-2.58.3-1.fc29.x86_64/glib/gmain.c:3182
> #54 0x00007f18e7c5e06d in g_main_context_dispatch (context=context@entry=0x5486f0) at /usr/src/debug/glib2-2.58.3-1.fc29.x86_64/glib/gmain.c:3847
> #55 0x00007f18e7c5e438 in g_main_context_iterate (context=context@entry=0x5486f0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at /usr/src/debug/glib2-2.58.3-1.fc29.x86_64/glib/gmain.c:3920
> #56 0x00007f18e7c5e4d0 in g_main_context_iteration (context=0x5486f0, may_block=1) at /usr/src/debug/glib2-2.58.3-1.fc29.x86_64/glib/gmain.c:3981
> #57 0x00007f18d943837b in GtkSalData::Yield(bool, bool) (this=0x5db600, bWait=true, bHandleAllCurrentEvents=false) at /data/sbergman/lo-clang2/core/vcl/unx/gtk3/gtk3gtkdata.cxx:528
> #58 0x00007f18d943d937 in GtkInstance::DoYield(bool, bool) (this=0x5ece60, bWait=true, bHandleAllCurrentEvents=false) at /data/sbergman/lo-clang2/core/vcl/unx/gtk/gtkinst.cxx:404
> #59 0x00007f18ee1cff6a in ImplYield(bool, bool) (i_bWait=true, i_bAllEvents=false) at /data/sbergman/lo-clang2/core/vcl/source/app/svapp.cxx:457
> #60 0x00007f18ee1cfd14 in Application::Yield() () at /data/sbergman/lo-clang2/core/vcl/source/app/svapp.cxx:521
> #61 0x00007f18ee1cfca6 in Application::Execute() () at /data/sbergman/lo-clang2/core/vcl/source/app/svapp.cxx:438
> #62 0x00007f18f4cebc3d in desktop::Desktop::Main() (this=0x7ffea11ea080) at /data/sbergman/lo-clang2/core/desktop/source/app/app.cxx:1621
> #63 0x00007f18ee1eeba4 in ImplSVMain() () at /data/sbergman/lo-clang2/core/vcl/source/app/svmain.cxx:203
> #64 0x00007f18ee1f0449 in SVMain() () at /data/sbergman/lo-clang2/core/vcl/source/app/svmain.cxx:237
> #65 0x00007f18f4d5e0d5 in soffice_main() () at /data/sbergman/lo-clang2/core/desktop/source/app/sofficemain.cxx:170
> #66 0x000000000020117d in sal_main () at /data/sbergman/lo-clang2/core/desktop/source/app/main.c:48
> #67 0x0000000000201157 in main (argc=2, argv=0x7ffea11ea238) at /data/sbergman/lo-clang2/core/desktop/source/app/main.c:47
> #68 0x00007f18f4a2b413 in __libc_start_main (main=0x201130 <main>, argc=2, argv=0x7ffea11ea238, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffea11ea228) at /usr/src/debug/glibc-2.28-95-g7423da211d/csu/libc-start.c:308
> #69 0x000000000020102e in _start ()

)