Created attachment 103205 [details] bugdoc Steps to reproduce: 1/ open the attached bugdoc 2/ select rows 2 to 4 3/ click on the button "Sort ascending" LO 4.3.1.0.0+ crashes by segmentation fault. Backtrace follows. Best regards. JBF
Created attachment 103206 [details] backtrace of the crash
Cannot reproduce with LO 4.3RC3 OS X 10.9.4 cannot reproduce with Ubuntu 14.04 LO 4.2.5.2 so adding regression, but we need someone with LO 4.3 to confirm.
Missed to add the build ID of my 4.3.1.0.0+ : Build ID: f6445efb0e5c3de099f0425825fe1e6e8271dfb9 Clean build (make distclean > ./autogen.sh > make) on Ubuntu 14.04 x86-64 I guess the crash is linked to the fix for bug 81309 which, if I am not wrong, is not in LO 4.3.0.3. Best regards. JBF
Tested on openSUSE with 4.3.0.3 (RC3), cannot reproduce the crash.
Confirmed: Ubuntu 14.04 x64 LibreOffice 4.4 built: Mon Jul 21 13:38:10 2014 -0400 Priority: New Critical - crasher with relatively common steps (just a sort) + regression Highest - regression on a crasher that likely will affect many users MAB 4.3
This bug now affects 4.2.7.0.0+ Build ID: f5949d09321e3ac62538df0e70e58284bd1cab32 since the backport of fix for bug 81309. Best regards. JBF
@JBF - why did you lower severity/priority and change back to x64? :-D
Set version number to unspecified because it affects development versions of each branch 4.2, 4.3 and master. Version: 4.2.7.0.0+ Build ID: f5949d09321e3ac62538df0e70e58284bd1cab32 Version: 4.3.1.0.0+ Build ID: f6445efb0e5c3de099f0425825fe1e6e8271dfb9 Master : see comment #5 Best regards. JBF
After discussion on IRC, master is a better version number here. Best regards. JBF
(In reply to comment #7) > @JBF - why did you lower severity/priority and change back to x64? :-D Probably I did not update the webpage before adding a new comment. Set back as you did. Best regards.JBF
Kohei/Markus/Eike: one for you? bt shows mdds part
Reverting "fdo#81309: Adjust references during sort." http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-4-3&id=5c3bcc6fe3653aed79a11abbead66f11896e7ee8 on version 4.3.1.0.0+ (build ID: f6445efb0e5c3de099f0425825fe1e6e8271dfb9) under Ubuntu 14.04 x86-64 solves the problem for me. Best regards. JBF
FYI I'm very overloaded with customer bugs at the moment and there is no end in sight. I'll try to find time during some of my weekend time, but please be very very patient.
(In reply to comment #11) > Kohei/Markus/Eike: one for you? bt shows mdds part Julien, seeing mdds doesn't mean the problem is in the mdds, just like seeing stl in the stacktrace doesn't mean it's a bug in STL. So many folks make this incorrect assumption in so many bug reports it's starting to get to me a bit.
Kohei: Ok, sorry for this, I'll try to keep this in mind :-)
Created attachment 103508 [details] bt with master sources On pc Debian x86-64 with master sources updated yesterday (+dbg enabled), I could reproduce the crash (the bt is quite different from the existing one).
Just before advance instruction, I displayed the value of nLenght2, it was: -1717986910 (!) (whereas distance with end iterator = 10) I had tried another time and had another value. It could be due to something not initialized.
I'll take this.
Kohei Yoshida committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=97f700721e942912101d5acd73433448e57e39e5 fdo#81617: Write test for this first. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Kohei Yoshida committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=a3fc7f20089062afa4f778e70ba8be84032a30a7 fdo#81617: Split formula groups at sort range boundaries. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Fixed on master. Luckily it was an easy fix.
With master sources updated to include the patch, I don't reproduce the bug. Thank you Kohei!
Kohei Yoshida committed a patch related to this issue. It has been pushed to "libreoffice-4-2": http://cgit.freedesktop.org/libreoffice/core/commit/?id=290d0d779551b84dfa42e0c026ce4d7c0f00ea7a&h=libreoffice-4-2 fdo#81617: Split formula groups at sort range boundaries. It will be available in LibreOffice 4.2.7. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Kohei Yoshida committed a patch related to this issue. It has been pushed to "libreoffice-4-3": http://cgit.freedesktop.org/libreoffice/core/commit/?id=0cb7d753b6b51411ab8dd72eab79f855a1d21c4d&h=libreoffice-4-3 fdo#81617: Split formula groups at sort range boundaries. It will be available in LibreOffice 4.3.1. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.