Version 4.0.0.0.beta1+ (Build ID: b0eb7231a9643d71be3125be7248c91242339ab under Vista Steps to reproduce : Open a new spreadsheet and select any cell 1/ Data > Validity > Cell range 2/ click the icon “shrink” at the right of the Source field (without entering anything) 3/ in the new window, click the icon “shrink” (without entering anything) 4/ the return is incorrect, the Source field is not displayed 5/ OK Again on the same cell or another one: Item 4: the return now presents two overlapping windows: Click OK on the first Click OK on the 2nd => CRASH Then, if I accept to recover the file, I get the following message: "The file '$(ARG1)' is corrupt and therefore cannot be opened. LOdev can try to repair the file." I checked with versions 3.5.7 and 3.6.4: no crash Confirmed on the French list fr-qa
Confirmé sous Version 4.0.0.0.beta1+ (Build ID: 6d4a55bf38a1c470c49f904dbbddf94eb2f6154) win7 - 32bits Confirmé sous libo Version 4.0.0.0.beta1+ (Build ID: 51ecd2f55d608f853852335808b643f61b9a844) TinderBox: Linux-x86_64_11-Release-Configuration, Branch:libreoffice-4-0, Time: 2012-12-17_20:11:04 Ubuntu 12.04 - 64bits
On pc Debian x86-64 with master sources updated today, I reproduce this too until overlapping. (I must have missed something about the crash since I didn't reproduce it) Noticed this log twice: warn:vcl.layout:21569:1:/home/julien/compile-libreoffice/libo/vcl/source/window/dialog.cxx:1203: Dialog has become non-layout because extra children have been added directly to it.
Confirmed: Win7x64 Ultimate Version 4.0.0.0.beta2 (Build ID: 4104d660979c57e1160b5135634f732918460a0)
Michel/mariosv: do you still reproduce this with final release 4.0? If yes, could you try to retrieve a backtrace (even without symbols if you can't)?
(In reply to comment #4) > Michel/mariosv: do you still reproduce this with final release 4.0? > If yes, could you try to retrieve a backtrace (even without symbols if you > can't)? Hi Julian reproducible with: Win7x64 Ultimate Version 4.0.0.3 (Build ID: 7545bee9c2a0782548772a21bc84a9dcc583b89) I never get the back-trace, but I think there is a comment in some place about how to do if, if I find it I'll try.
mariosv: here some info for Windows part, https://wiki.documentfoundation.org/BugReport#How_to_get_a_backtrace_.28on_Windows.29
(In reply to comment #6) > mariosv: here some info for Windows part, > https://wiki.documentfoundation.org/BugReport#How_to_get_a_backtrace_. > 28on_Windows.29 Hi Julien, thanks for the link. I had found a comment from Michael in nabble using Dr. Memory. I hope I can do a try this night. Miguel Ángel.
Will check.
I have not done any compilation, this is the result with: Win7x64 Ultimate Version 4.0.0.3 (Build ID: 7545bee9c2a0782548772a21bc84a9dcc583b89) Command line: "C:\Program Files (x86)\Dr. Memory\bin\drmemory.exe" "C:\Program Files (x86)\LibreOffice 4.0\program\soffice.exe" Log file: " Dr. Memory version 1.5.0 build 5 built on Aug 31 2012 16:19:51 Application cmdline: ""C:\Program Files (x86)\LibreOffice 4.0\program\soffice.exe"" Recorded 63 suppression(s) from default C:\Program Files (x86)\Dr. Memory/bin/suppress-default.txt Error #1: LEAK 126 direct bytes 0x00803388-0x00803406 + 0 indirect bytes # 0 KERNELBASE.dll!LocalAlloc +0x5e (0x754158de <KERNELBASE.dll+0x158de>) # 1 SHELL32.dll!CommandLineToArgvW +0x89 (0x756d9f22 <SHELL32.dll+0x19f22>) # 2 soffice.exe!? +0x0 (0x01351212 <soffice.exe+0x1212>) # 3 soffice.exe!? +0x0 (0x01351770 <soffice.exe+0x1770>) # 4 soffice.exe!? +0x0 (0x01351f9d <soffice.exe+0x1f9d>) # 5 KERNEL32.dll!BaseThreadInitThunk +0x11 (0x76ef33aa <KERNEL32.dll+0x133aa>) # 6 ntdll.dll!RtlInitializeExceptionChain +0x62 (0x778e9ef2 <ntdll.dll+0x39ef2>) # 7 ntdll.dll!RtlInitializeExceptionChain +0x35 (0x778e9ec5 <ntdll.dll+0x39ec5>) Error #2: LEAK 126 direct bytes 0x007ffd00-0x007ffd7e + 0 indirect bytes # 0 KERNELBASE.dll!LocalAlloc +0x5e (0x754158de <KERNELBASE.dll+0x158de>) # 1 SHELL32.dll!CommandLineToArgvW +0x89 (0x756d9f22 <SHELL32.dll+0x19f22>) # 2 soffice.exe!? +0x0 (0x01351212 <soffice.exe+0x1212>) # 3 soffice.exe!? +0x0 (0x013515f6 <soffice.exe+0x15f6>) # 4 soffice.exe!? +0x0 (0x01351f9d <soffice.exe+0x1f9d>) # 5 KERNEL32.dll!BaseThreadInitThunk +0x11 (0x76ef33aa <KERNEL32.dll+0x133aa>) # 6 ntdll.dll!RtlInitializeExceptionChain +0x62 (0x778e9ef2 <ntdll.dll+0x39ef2>) # 7 ntdll.dll!RtlInitializeExceptionChain +0x35 (0x778e9ec5 <ntdll.dll+0x39ec5>) DUPLICATE ERROR COUNTS: SUPPRESSIONS USED: ERRORS FOUND: 0 unique, 0 total unaddressable access(es) 0 unique, 0 total uninitialized access(es) 0 unique, 0 total invalid heap argument(s) 0 unique, 0 total GDI usage error(s) 0 unique, 0 total warning(s) 2 unique, 2 total, 252 byte(s) of leak(s) 0 unique, 0 total, 0 byte(s) of possible leak(s) ERRORS IGNORED: 322 still-reachable allocation(s) (re-run with "-show_reachable" for details) Details: C:\Users\MARV\AppData\Roaming/Dr. Memory/DrMemory-soffice.exe.6728.000/results.txt " Miguel Ángel
Created attachment 74591 [details] Bug 58630 - WinDbg session > Steps to reproduce : > Open a new spreadsheet and select any cell > 1/ Data > Validity > Cell range > 2/ click the icon “shrink” at the right of the Source field (without > entering anything) > 3/ in the new window, click the icon “shrink” (without entering anything) > 4/ the return is incorrect, the Source field is not displayed > 5/ OK Confirmed with: LO 4.0.0.3 Build ID: own W7 debug build Windows 7 Professional SP1 64 bit Source field is not displayed. Crash on exit. Attached full WinDbg session.
bfoman: thank you for the bt Kohei/Markus/Eike: I didn't succeeded in reproducing the crash but others did and bfoman even retrieved a bt, one for you?
Confirmed for Windows XP SP3. IA32 (X86) processor. LibreOffice 4.0.0.3
The shifting and mis-behavior of the range picker in the validity dialog is certain concerning. I think we need to fix that first. Crash is probably just a manifestation of that glitch. I believe this dialog is one of the first ones to adopt the new modal range-picker dialog?
(In reply to comment #13) > I believe this dialog is one of the first ones to adopt the new modal > range-picker dialog? No it still uses the old modeless implementation but it might be related to the code changes to allow modal RefEdit dialogs.
I'll put Caolan on CC. This looks to me like the crasher is caused as a result of the dialog conversion to the new widget layout engine. Besides the crasher, the dialog does not shrink when clicking the ref picker button. The two *may* be related...
oh great :-( I only encountered the "mangle window hierarchy" refbutton thing a day or two ago for insert->names, unfortunate that it exists in a SfxTabDialog.
Caolan McNamara committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=4e0c6a0ac78d3c68922e032eec7f9c05cc39023a Resolves: fdo#58630 crash with refEdit button in SfxTabDialog The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Caolan McNamara committed a patch related to this issue. It has been pushed to "libreoffice-4-0": http://cgit.freedesktop.org/libreoffice/core/commit/?id=709616cdb1ae8458249384b4c0718bbe5c0cf976&h=libreoffice-4-0 Resolves: fdo#58630 refEdit button shrink mangles dialog It will be available in LibreOffice 4.0.2. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
*** Bug 61948 has been marked as a duplicate of this bug. ***
I confirm the fix of this bug, thanks for that: Tested with: Version 4.1.0.0.alpha0+ (Build ID: d7ca9b5cbcac463dd1baa089180bac2a1c0e5e3) TinderBox: Win-x86@6, Branch:master, Time: 2013-03-09_23:19:58 and Version 4.0.2.0+ (Build ID: 4f569b6b787586671626f03a61c20b39142a230) Vista-32b But a crash is still there when you try to enter a cell range. I think it might be a different issue and it is not relevant to reopen this bug. Please have a look at bug 61250 Do you agree about that?
(In reply to comment #20) > Please have a look at bug 61250 Sorry, read please bug 61520
Tested on LibreOffice 4.0.2.2. Windows XP SP3 (32 bits). Bug wasn't fixed.
It looks like a duplicate of Bug 61948. I have written several step-by-step instructions how to reproduce the crash, see noted bug.
lets keep this one closed and work on bug 61948 because that one has more details as to how to reproduce the remaining broken scenarios