Bug 143640 - UNO Object Inspector: Crash while clicking on the "Object" tree (debug)
Summary: UNO Object Inspector: Crash while clicking on the "Object" tree (debug)
Status: ASSIGNED
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: LibreOffice (show other bugs)
Version:
(earliest affected)
7.3.0.0 alpha0+
Hardware: All Linux (All)
: medium normal
Assignee: Hossein
URL:
Whiteboard:
Keywords: haveBacktrace
: 143636 143638 (view as bug list)
Depends on:
Blocks: Crash-Assert UNO-Object-Inspector
  Show dependency treegraph
 
Reported: 2021-07-31 12:25 UTC by Hossein
Modified: 2022-12-18 16:28 UTC (History)
6 users (show)

See Also:
Crash report or crash signature:
Regression By:

Attachments
gdb backtrace (37.51 KB, text/x-log)
2021-08-12 11:57 UTC, Hossein 		Details
bt with debug symbols + console logs (17.27 KB, text/plain)
2022-09-17 11:22 UTC, Julien Nabet 		Details
gdb bt (12.80 KB, text/plain)
2022-12-14 18:07 UTC, Julien Nabet 		Details
Valgrind trace (106.56 KB, text/x-log)
2022-12-18 16:28 UTC, Julien Nabet 		Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Hossein 2021-07-31 12:25:16 UTC 
Description:
LibreOffice crashes while inspecting a file containing a custom shape and clicking on "Object" tree

Steps to Reproduce:
1. Open the sample attachment 163404 [details] or create a new write file and add an arbitrary custom shape like a rectangle
2. Open "UNO Object Inspector" from "Tools > Development Tools" Menu
3. Find the only shape in "Shapes" part under "Object" section
4. Click on "Properties"
5. Select "@0"
6. Click on anywhere on the tree under "Object" section

Actual Results:
Crashing

Expected Results:
Not crashing


Reproducible: Always


User Profile Reset: No



Additional Info:

Version: 7.3.0.0.alpha0+ / LibreOffice Community
Build ID: 1ec5a1300632a5455416b6cbb090d8c48353d939
CPU threads: 8; OS: Linux 5.8; UI render: default; VCL: gtk3
Locale: en-US (en_US.UTF-8); UI: en-US
Calc: threaded
Comment 1 Roman Kuznetsov 2021-07-31 19:56:31 UTC 
no repro in

Version: 7.3.0.0.alpha0+ (x64) / LibreOffice Community
Build ID: 4677345e3695bac158bb04048b4d5c608ed764b4
CPU threads: 4; OS: Windows 6.1 Service Pack 1 Build 7601; UI render: default; VCL: win
Locale: ru-RU (ru_RU); UI: en-US
Calc: CL
Comment 2 raal 2021-08-01 07:27:04 UTC 
no repro Version: 7.3.0.0.alpha0+ / LibreOffice Community
Build ID: 612d5b1a04fe022a34018d901bb9b052791d54e5
CPU threads: 4; OS: Linux 5.11; UI render: default; VCL: gtk3
Locale: cs-CZ (cs_CZ.UTF-8); UI: en-US
Calc: threaded

but my build is older then yours, recent regression?
Comment 3 raal 2021-08-04 16:22:16 UTC 
No crash Version: 7.3.0.0.alpha0+ / LibreOffice Community
Build ID: 36efb384a66b6dd645e0ae80fd7df68370a9dc8b
CPU threads: 4; OS: Linux 5.11; UI render: default; VCL: gtk3
Locale: cs-CZ (cs_CZ.UTF-8); UI: en-US
Calc: threaded
Comment 4 Xisco Faulí 2021-08-10 16:23:38 UTC 
I can't reproduce it in

Version: 7.3.0.0.alpha0+ / LibreOffice Community
Build ID: 6daf48b50e1ff3bdd6a9f948c3e267e76b8a89d3
CPU threads: 4; OS: Linux 5.7; UI render: default; VCL: gtk3
Locale: en-US (en_US.UTF-8); UI: en-US
Calc: threaded

@Hossein, Could you please try to clean the user profile and retry ?
Comment 5 Hossein 2021-08-10 17:35:30 UTC 
(In reply to Xisco Faulí from comment #4)
> I can't reproduce it in
> 
> Version: 7.3.0.0.alpha0+ / LibreOffice Community
> Build ID: 6daf48b50e1ff3bdd6a9f948c3e267e76b8a89d3
> CPU threads: 4; OS: Linux 5.7; UI render: default; VCL: gtk3
> Locale: en-US (en_US.UTF-8); UI: en-US
> Calc: threaded
> 
> @Hossein, Could you please try to clean the user profile and retry ?

Started LO in safe mode, cleared profile, but LO still crashes.
Comment 6 QA Administrators 2021-08-11 03:59:42 UTC Comment hidden (obsolete)
Comment 7 Hossein 2021-08-12 11:57:23 UTC 
Created attachment 174224 [details]
gdb backtrace

The crash happens in:

sw/source/core/doc/docbm.cxx:1318
void MarkManager::deleteMark(const IMark* const pMark)

#4  0x00007fffdddaf1a0 in sw::mark::MarkManager::deleteMark(sw::mark::IMark const*) (this=0x555559d22820, pMark=0x55555b01d570) at /home/hossein/Projects/libreoffice/core/sw/source/core/doc/docbm.cxx:1318
Comment 8 Xisco Faulí 2021-08-17 16:07:24 UTC 
*** Bug 143638 has been marked as a duplicate of this bug. ***
Comment 9 Xisco Faulí 2021-08-17 16:10:01 UTC 
ok, I do reproduce the issue with a debug build, lowering priority
Comment 10 Xisco Faulí 2021-08-17 16:13:43 UTC 
*** Bug 143636 has been marked as a duplicate of this bug. ***
Comment 11 Xisco Faulí 2021-11-08 15:20:45 UTC 
Hi Hossein,
is this issue still reproducible in a master build ?
Comment 12 Hossein 2021-11-08 18:42:35 UTC 
(In reply to Xisco Faulí from comment #11)
> Hi Hossein,
> is this issue still reproducible in a master build ?

Yes.

Still reproducible in the latest master for Linux:
Version: 7.3.0.0.alpha1+ / LibreOffice Community
Build ID: 4d66721962f60a9c8b4653dc724f163c45e6ddd9
CPU threads: 8; OS: Linux 5.11; UI render: default; VCL: x11
Locale: en-US (en_US.UTF-8); UI: en-US
Calc: threaded

It is not reproducible in Windows, so I set the bug to Linux only:

Not reproducible:
Version: 7.3.0.0.alpha1+ (x64) / LibreOffice Community
Build ID: 4d66721962f60a9c8b4653dc724f163c45e6ddd9
CPU threads: 32; OS: Windows 10.0 Build 19043; UI render: Skia/Raster; VCL: win
Locale: en-US (en_DE); UI: en-US
Calc: threaded
Comment 13 Aron Budea 2021-11-08 19:36:13 UTC 
This crashes because of using gcc debug code, which explains why it only occurs with a debug build. Let's treat it similarly to an assert.

I haven't debugged into it, but probably the prerequisites for using equal_range aren't met.
Comment 14 Xisco Faulí 2022-05-03 12:27:42 UTC 
Dear Hossein,
This bug has been in ASSIGNED status for more than 3 months without any
activity. Resetting it to NEW.
Please assign it back to yourself if you're still working on this.
Comment 15 Hossein 2022-05-06 21:46:33 UTC 
Still reproducible with the latest 7.4 master:

Version: 7.4.0.0.alpha0+ / LibreOffice Community
Build ID: 18715f6a63af55045b108b98abeffeae8e51518b
CPU threads: 8; OS: Linux 5.13; UI render: default; VCL: gtk3
Locale: en-US (en_US.UTF-8); UI: en-US
Calc: threaded
Comment 16 Julien Nabet 2022-09-17 11:22:35 UTC 
Created attachment 182520 [details]
bt with debug symbols + console logs

On pc Debian x86-64 with master sources updated today, I could reproduce this.

I attached console logs in addition to bt which is almost identical to Hossein's one.
Comment 17 Julien Nabet 2022-12-14 18:07:21 UTC 
Created attachment 184148 [details]
gdb bt

Here's an updated bt with last console logs.
Comment 18 Julien Nabet 2022-12-18 16:28:47 UTC 
Created attachment 184223 [details]
Valgrind trace

If it can help, I retrieved a Valgrind trace on pc debian x86-64 with master sources updated today + brand new LO profile + gen rendering.