Description: Version: 7.6.0.3 (X86_64) / LibreOffice Community Build ID: 60(Build:3) CPU threads: 12; OS: Linux 6.4; UI render: default; VCL: kf5 (cairo+xcb) Locale: en-US (en_US.UTF-8); UI: en-US Calc: CL threaded openSUSE Tumbleweed 20230823 (x86_64) on kernel 6.4.11-1-default Installed Memory 16G KDE 5.109.0 Plasma 5.27.7 Qt: 5.15.10 Display Type: x11 Several times now, when i close calc it segfaults. Here is the debug info: Application: soffice (soffice), signal: Segmentation fault [KCrash Handler] #4 rtl::str::release<_rtl_uString>(_rtl_uString*) () at /usr/src/debug/libreoffice-7.6.0.3/sal/rtl/strtmpl.hxx:745 #5 rtl_uString_release(_rtl_uString*) (pThis=0x7fac60757fc0) at /usr/src/debug/libreoffice-7.6.0.3/sal/rtl/ustring.cxx:1178 #6 0x00007facc04bb95b in rtl::OUString::~OUString() () at /usr/src/debug/libreoffice-7.6.0.3/include/rtl/ustring.hxx:549 #7 std::pair<rtl::OUString const, com::sun::star::uno::Any>::~pair() () at /usr/include/c++/13/bits/stl_pair.h:187 #8 std::__new_allocator<std::__detail::_Hash_node<std::pair<rtl::OUString const, com::sun::star::uno::Any>, true> >::destroy<std::pair<rtl::OUString const, com::sun::star::uno::Any> >(std::pair<rtl::OUString const, com::sun::star::uno::Any>*) () at /usr/include/c++/13/bits/new_allocator.h:194 #9 std::allocator_traits<std::allocator<std::__detail::_Hash_node<std::pair<rtl::OUString const, com::sun::star::uno::Any>, true> > >::destroy<std::pair<rtl::OUString const, com::sun::star::uno::Any> >(std::allocator<std::__detail::_Hash_node<std::pair<rtl::OUString const, com::sun::star::uno::Any>, true> >&, std::pair<rtl::OUString const, com::sun::star::uno::Any>*) () at /usr/include/c++/13/bits/alloc_traits.h:557 #10 std::__detail::_Hashtable_alloc<std::allocator<std::__detail::_Hash_node<std::pair<rtl::OUString const, com::sun::star::uno::Any>, true> > >::_M_deallocate_node(std::__detail::_Hash_node<std::pair<rtl::OUString const, com::sun::star::uno::Any>, true>*) () at /usr/include/c++/13/bits/hashtable_policy.h:2020 #11 std::__detail::_Hashtable_alloc<std::allocator<std::__detail::_Hash_node<std::pair<rtl::OUString const, com::sun::star::uno::Any>, true> > >::_M_deallocate_nodes(std::__detail::_Hash_node<std::pair<rtl::OUString const, com::sun::star::uno::Any>, true>*) () at /usr/include/c++/13/bits/hashtable_policy.h:2042 #12 std::_Hashtable<rtl::OUString, std::pair<rtl::OUString const, com::sun::star::uno::Any>, std::allocator<std::pair<rtl::OUString const, com::sun::star::uno::Any> >, std::__detail::_Select1st, std::equal_to<rtl::OUString>, std::hash<rtl::OUString>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<true, false, true> >::clear() (this=0x7facc370a440 <_ZZN10comphelper6detail20ConfigurationWrapper3getEvE7WRAPPER.lto_priv.0+64>) at /usr/include/c++/13/bits/hashtable.h:2509 #13 0x00007facc060cae3 in std::unordered_map<rtl::OUString, com::sun::star::uno::Any, std::hash<rtl::OUString>, std::equal_to<rtl::OUString>, std::allocator<std::pair<rtl::OUString const, com::sun::star::uno::Any> > >::clear() () at /usr/include/c++/13/bits/unordered_map.h:798 #14 comphelper::detail::ConfigurationWrapper::~ConfigurationWrapper() () at /usr/src/debug/libreoffice-7.6.0.3/comphelper/source/misc/configuration.cxx:167 #15 0x00007facbee41b66 in __run_exit_handlers () at /lib64/libc.so.6 #16 0x00007facbee41cb0 in () at /lib64/libc.so.6 #17 0x00007facbee281f7 in __libc_start_call_main () at /lib64/libc.so.6 #18 0x00007facbee282b9 in __libc_start_main_impl () at /lib64/libc.so.6 #19 0x000055a5f4df30c5 in _start () at ../sysdeps/x86_64/start.S:115 [Inferior 1 (process 21830) detached] Steps to Reproduce: 1.After working on calc with multiple sheets, I save my work then close it. Calc crashes at that point 2. 3. Actual Results: Calc crashes with a segfault Expected Results: Should close without a segfault Reproducible: Sometimes User Profile Reset: No Additional Info: Version: 7.6.0.3 (X86_64) / LibreOffice Community Build ID: 60(Build:3) CPU threads: 12; OS: Linux 6.4; UI render: default; VCL: kf5 (cairo+xcb) Locale: en-US (en_US.UTF-8); UI: en-US Calc: CL threaded
Please test in safe mode, Menu/Help/Restart in Safe Mode
And updating the version could be a good chance. Earlier versions are used to be the more problematic.
As far as I can tell 7.6 is the latest version - i don't understand you comment on updating. I'll test in safe mode but the issue is intermittent so it may take awhile. I'll try speeding things up by just repeating the opening and closing
Just for the test, could you: - open a term/console - type: export SAL_USE_VCLPLUGIN=gen - try to reproduce the crash ? The goal is to know if it's rendering dependent or not. Also did you get LO 7.6.0.3 from openSUSE's repository or from another way? (I've just read about Tumbleweed being a rolling release version). I mean, when installing a software, there are dependencies to take into account.
Yes, but there are subversion, specially with bug fixes. https://downloadarchive.documentfoundation.org/libreoffice/old/7.6.0.3/
In order to really test in a timely fashion I need a script that will open calc in safe mode, open my ods calc file and then close it. Calc does not stay in safe mode, you have to select it every time you open it As I said his is intermittent but can someone determine from the code dump above whats going wrong? I can program in straight C all day but C++ is greek to me except on a very basic level. I was wondering if it was some kind of race condition or a bad pointer in a rarely used code path that could be found by code reading BTW: Why doesn't the [KCrash Handler] show #1,#2 and #3?
(In reply to Eric from comment #6) > ... > Calc does not stay in safe mode, you have to select it every time you open it > ... In this case, apply https://wiki.documentfoundation.org/QA/FirstSteps#Corrupted_user_profile > As I said his is intermittent but can someone determine from the code dump > above whats going wrong? I can program in straight C all day but C++ is > greek to me except on a very basic level. Ok if you know well C, it's a good basis. Then you need to understand object-oriented programming part, perhaps you already did some Java? Anyway, if you want to try contributing, a good start page is: https://wiki.documentfoundation.org/Development/GetInvolved
Created attachment 189321 [details] system log from last crash exiting calc
it looks like a duplicate of bug 156683 *** This bug has been marked as a duplicate of bug 156683 ***
Created attachment 189760 [details] Another crash and debug data calc crashed on me again on exit, this time the backtrace is a bit different
(In reply to Eric from comment #10) > Created attachment 189760 [details] > Another crash and debug data > > calc crashed on me again on exit, this time the backtrace is a bit different Eric, which version was that with? Please see with version 7.6.2.1 if you can still reproduce.
Well, I updated since i posted that and I am now on 7.6.1.1 I don't know what the version was on 9/22 but probably not the same. I can't force it, i tried many times.
Yes, since the 22nd, version 7.6.2.1 was released, which includes another fix for bug 156683, which is why it would be great if you could update to see if it does inded resolve what you witnessed. Much appreciated!
7.6.1.1 on openSuse Tumbleweed. Crashed on close. I am sure TW will release a newer version soon. I wont report any more crashes on 7.6.1.1 Application: soffice (soffice), signal: Segmentation fault [KCrash Handler] #4 0x00007f8587a72ac0 in rtl_uString_release () at /usr/lib64/libreoffice/program/libuno_sal.so.3 #5 0x00007f85846beeab in () at /usr/lib64/libreoffice/program/libmergedlo.so #6 0x00007f8584810083 in () at /usr/lib64/libreoffice/program/libmergedlo.so #7 0x00007f8583041b26 in __run_exit_handlers () at /lib64/libc.so.6 #8 0x00007f8583041c70 in () at /lib64/libc.so.6 #9 0x00007f85830281b7 in __libc_start_call_main () at /lib64/libc.so.6 #10 0x00007f8583028279 in __libc_start_main_impl () at /lib64/libc.so.6 #11 0x0000558c2b9410c5 in () [Inferior 1 (process 20941) detached]
(In reply to Eric from comment #14) > 7.6.1.1 on openSuse Tumbleweed. Crashed on close. > I am sure TW will release a newer version soon. I wont report any more > crashes on 7.6.1.1 > > Application: soffice (soffice), signal: Segmentation fault > > [KCrash Handler] > #4 0x00007f8587a72ac0 in rtl_uString_release () at > /usr/lib64/libreoffice/program/libuno_sal.so.3 > #5 0x00007f85846beeab in () at > /usr/lib64/libreoffice/program/libmergedlo.so > #6 0x00007f8584810083 in () at > /usr/lib64/libreoffice/program/libmergedlo.so > #7 0x00007f8583041b26 in __run_exit_handlers () at /lib64/libc.so.6 > #8 0x00007f8583041c70 in () at /lib64/libc.so.6 > #9 0x00007f85830281b7 in __libc_start_call_main () at /lib64/libc.so.6 > #10 0x00007f8583028279 in __libc_start_main_impl () at /lib64/libc.so.6 > #11 0x0000558c2b9410c5 in () > [Inferior 1 (process 20941) detached] Hello Eric, you should upgrade to LibreOffice 7.6.2.1
I just did last night. So now lets see if this crash still happens on close.
Looks like the same crash in bug 158228 for 7.6.2.1, let's mark as new. Eric also reproduced in 7.6.2.1, see bug 156683 comment 28.
*** Bug 158228 has been marked as a duplicate of this bug. ***
Created attachment 190876 [details] chart of number of crashes with this signature per version Looks like the signature is back in force in 7.6: https://crashreport.libreoffice.org/stats/signature/void%20rtl::str::release%3C_rtl_uString%3E(_rtl_uString*)
I just get a "Not Found" page when i click on your link: https://crashreport.libreoffice.org/stats/signature/void%20rtl::str::release%3C_rtl_uString%3E(_rtl_uString*)
I forgot to talk about https://wiki.documentfoundation.org/QA/FirstSteps, could you give it a try?
Yes, that link works. Why did you post it though? It points to a page on how to submit bugs.
(In reply to Eric from comment #22) > Yes, that link works. > Why did you post it though? It points to a page on how to submit bugs. It provides more than this, it gives common root causes like corrupted LO profile, Skia related pb,etc and provide some solution or workarounds.
I'm unable to repro using the following: Version: 24.8.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 1f45453152a34beea5ec1b858c45a585ead3a73e CPU threads: 16; OS: Windows 10.0 Build 22631; UI render: default; VCL: win Locale: en-US (en_US); UI: en-US Calc: threaded Can you please provide a sample document on which the crash occurs, with some repro steps of how you interacted with document, particularly if you can repro every time?
The crash is intermittent and doesn't seem to be able to be forced. Also, one thing i seem to notice, if i have a few spreadsheets open (instances not tabs)(say 2 or 3 instances of calc) and then after awhile i close one then the other then the last ( not rapidly and sometimes a minute or more from close to close), it's always the last sheet closing that causes it. Actual content doesn't seem t matter. Each sheet had a few rows of data, not a big crowded sheet with tons of data and hundreds of rows. I think there might be some interaction between the sheets in the calc code?
*** Bug 159088 has been marked as a duplicate of this bug. ***
I think that I found a reliable way to trigger the crash. At least, I can reliably trigger it with 24.2.0-rc2 in Debian testing. * Start Calc with a new spreadsheet. * Enter some text into a cell and hit return. * Copy the cell with ctrl-c or right click. * Close Calc. This should trigger the crash. I could save the file or not before closing, and even as its own separate step, but this rtl_uString_release crash only happens when I close Calc.
(In reply to John Stamp from comment #27) > I think that I found a reliable way to trigger the crash. At least, I can > reliably trigger it with 24.2.0-rc2 in Debian testing. > > * Start Calc with a new spreadsheet. > > * Enter some text into a cell and hit return. > > * Copy the cell with ctrl-c or right click. > > * Close Calc. This should trigger the crash. > > I could save the file or not before closing, and even as its own separate > step, but this rtl_uString_release crash only happens when I close Calc. Thank you! Using these steps, I could crash it with: Version: 7.6.4.1 (X86_64) / LibreOffice Community Build ID: e19e193f88cd6c0525a17fb7a176ed8e6a3e2aa1 CPU threads: 8; OS: Linux 5.15; UI render: default; VCL: kf5 (cairo+xcb) Locale: en-AU (en_AU.UTF-8); UI: en-US Calc: threaded Crash report: https://crashreport.libreoffice.org/stats/crash_details/39f7ddbb-7fa1-40fc-9b40-f36d280aedde No crash with gtk3 VCL plugin, no crash in 7.5.9.2.
Tried bibisecting, but libreoffice-64-7.6 master does not crash with those steps. I also tried adding a dictionary to have auto spellcheck active. (Repository is currently at 30ee116ee498160a366a5a618649f832ae371f7d)
Created attachment 192277 [details] minidump with 7.6.5 daily build Version: 7.6.5.0.0+ (X86_64) / LibreOffice Community Build ID: 5db313902110c95c440bb0e96f46acc97092d7ca CPU threads: 8; OS: Linux 5.15; UI render: default; VCL: kf5 (cairo+xcb) Locale: en-AU (en_AU.UTF-8); UI: en-US Calc: threaded In console: warn:sfx.control:458070:458070:sfx2/source/control/dispatch.cxx:1211: Childwindow slot missing: 25917 warn:sfx.control:458070:458070:sfx2/source/control/dispatch.cxx:1211: Childwindow slot missing: 26189 warn:sfx.control:458070:458070:sfx2/source/control/dispatch.cxx:1211: Childwindow slot missing: 26190 warn:xmloff:458070:458070:xmloff/source/text/XMLTextListAutoStylePool.cxx:163: getStyleFamilies() from XModel failed for export! warn:editeng:458070:458070:editeng/source/uno/unofield.cxx:375: Id service unknown: 5 warn:editeng:458070:458070:editeng/source/uno/unofield.cxx:375: Id service unknown: 2 warn:editeng:458070:458070:editeng/source/uno/unofield.cxx:375: Id service unknown: 5 warn:editeng:458070:458070:editeng/source/uno/unofield.cxx:375: Id service unknown: 10 warn:editeng:458070:458070:editeng/source/uno/unofield.cxx:375: Id service unknown: 2 warn:editeng:458070:458070:editeng/source/uno/unofield.cxx:375: Id service unknown: 3 warn:editeng:458070:458070:editeng/source/uno/unofield.cxx:375: Id service unknown: 5 warn:editeng:458070:458070:editeng/source/uno/unofield.cxx:375: Id service unknown: 2 warn:editeng:458070:458070:editeng/source/uno/unofield.cxx:375: Id service unknown: 5 warn:editeng:458070:458070:editeng/source/uno/unofield.cxx:375: Id service unknown: 10 warn:editeng:458070:458070:editeng/source/uno/unofield.cxx:375: Id service unknown: 2 warn:editeng:458070:458070:editeng/source/uno/unofield.cxx:375: Id service unknown: 3 warn:xmloff:458070:458070:xmloff/source/text/XMLTextListAutoStylePool.cxx:163: getStyleFamilies() from XModel failed for export! warn:xmloff:458070:458070:xmloff/source/text/XMLTextListAutoStylePool.cxx:163: getStyleFamilies() from XModel failed for export! warn:legacy.osl:458070:458070:xmloff/source/core/SettingsExportHelper.cxx:176: this type is not implemented now warn:legacy.tools:458070:458070:sfx2/source/bastyp/progress.cxx:200: Can't make progress bar! warn:legacy.tools:458070:458070:sfx2/source/bastyp/progress.cxx:200: Can't make progress bar! warn:sfx.appl:458070:458070:sfx2/source/appl/app.cxx:166: Memory leak: some object shells were not removed! warn:unotools.config:458070:458070:unotools/source/config/configmgr.cxx:147: ConfigManager not empty
*** Bug 152477 has been marked as a duplicate of this bug. ***
Looking at other reports of the same crash, the issue started in branch 7.4 with 7df433cdc33b4d6ba38eafad9282d015571433ef "optimize ConfigurationProperty::get()" which was later reverted. See https://cgit.freedesktop.org/libreoffice/core/log/?h=libreoffice-7-4&qt=grep&q=optimize+ConfigurationProperty%3A%3Aget%28%29 In branch 7.5 the same happened: https://cgit.freedesktop.org/libreoffice/core/log/?h=libreoffice-7-5&qt=grep&q=optimize+ConfigurationProperty%3A%3Aget%28%29 while in branch 7.6 the issue was reverted and later reapplied, https://cgit.freedesktop.org/libreoffice/core/log/?h=libreoffice-7-6&qt=grep&q=optimize+ConfigurationProperty%3A%3Aget()
Xisco Fauli committed a patch related to this issue. It has been pushed to "libreoffice-7-6": https://git.libreoffice.org/core/commit/7b46c77366fb3effd2de9bf5ba11ebd3c064974a tdf#157042: Revert "re-apply "optimize ConfigurationProperty::get()"" It will be available in 7.6.5. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Hi Xisco, I tried the 2024-02-01 daily build for 7.6.5 and couldn't trigger a crash anymore while using the kf5 vcl. The 2024-02-01 daily build for 24.2 still triggers a crash though.
(In reply to John Stamp from comment #34) > Hi Xisco, > > I tried the 2024-02-01 daily build for 7.6.5 and couldn't trigger a crash > anymore while using the kf5 vcl. > > The 2024-02-01 daily build for 24.2 still triggers a crash though. Hi John, Looking at https://crashreport.libreoffice.org/stats/signature/void%20rtl::str::release%3C_rtl_uString%3E(_rtl_uString*)#summary I see the issue is not being reported for 24.2 version. Do you still reproduce the issue with LibreOffice 24.2.0.3 from https://www.libreoffice.org/download/download-libreoffice/ ?
Yes, after installing all the 24.2.0.3 packages from LibreOffice, I can still crash Calc on close, but only with the kde vcl. The "Send crash reports" option was enabled, so hopefully you got one. The KCrash Handler output wasn't very helpful, but here's the relevant bit: [KCrash Handler] #4 0x00007fef7a7c3210 in rtl_uString_release () from /opt/libreoffice24.2/program/libuno_sal.so.3 #5 0x00007fef76e0f40b in ?? () from /opt/libreoffice24.2/program/libmergedlo.so #6 0x00007fef76f61ee3 in ?? () from /opt/libreoffice24.2/program/libmergedlo.so Finally, I was poking around in the crash reports and came across a number of <name omitted> signatures for Linux & 24.2.0.3 https://crashreport.libreoffice.org/stats/signature/%3Cname%20omitted%3E A number of them are crashing at rtl::str::release(): https://crashreport.libreoffice.org/stats/crash_details/07a51006-082e-46dd-808d-ed04faf6d930 https://crashreport.libreoffice.org/stats/crash_details/55f2f1d8-a7f8-4b0d-9f95-d328ce581e36 https://crashreport.libreoffice.org/stats/crash_details/3d5e7d71-f5da-4dac-a357-95ca0071bb8f etc... Same issue?
(In reply to John Stamp from comment #27) > I think that I found a reliable way to trigger the crash. At least, I can > reliably trigger it with 24.2.0-rc2 in Debian testing. > > * Start Calc with a new spreadsheet. > > * Enter some text into a cell and hit return. > > * Copy the cell with ctrl-c or right click. > > * Close Calc. This should trigger the crash. > > I could save the file or not before closing, and even as its own separate > step, but this rtl_uString_release crash only happens when I close Calc. I can reproduce with a current daily build: Version: 24.8.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 6b6849107562b258aa8858e94ff3c07160f07062 CPU threads: 12; OS: Linux 6.5; UI render: default; VCL: kf5 (cairo+xcb) Locale: en-GB (en_GB.UTF-8); UI: en-US Calc: threaded but interestingly not with a local debug build: Version: 24.8.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 4d381b54d1c598c181b4a21a8bf0db86eb4668d1 CPU threads: 12; OS: Linux 6.5; UI render: default; VCL: kf5 (cairo+xcb) Locale: en-GB (en_GB.UTF-8); UI: en-US Calc: threaded
Xisco Fauli committed a patch related to this issue. It has been pushed to "libreoffice-24-2": https://git.libreoffice.org/core/commit/dd7a69068b8f92052b45a60014e6f6ed689c2947 tdf#157042: Revert "re-apply "optimize ConfigurationProperty::get()"" It will be available in 24.2.1. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Yes, that seems to fix it. I can't make it crash anymore. Version: 24.2.1.0.0+ (X86_64) / LibreOffice Community Build ID: c7e9e3a35c00cae8cea13cbef1de9c696a881cdb CPU threads: 1; OS: Linux 6.6; UI render: default; VCL: kf5 (cairo+xcb) Locale: en-US (en_US.UTF-8); UI: en-US Calc: threaded
Xisco Fauli committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/cfcd6b25575087366924e39cf352bf3bb3853d6a tdf#157042: Revert "re-apply "optimize ConfigurationProperty::get()"" It will be available in 24.8.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
The patch has been reverted in all branches ( master, libreoffice-24-2 and libreoffice-7-6 ) so this can be considered as fixed. Please retest it to make it sure it has been fixed in all branches
*** Bug 159831 has been marked as a duplicate of this bug. ***