Document with crashy JS macro: attachment 90225 [details] originating from bug 72240. The crash happens upon running the macro, but I got a Windows backtrace of crash already when opening the JS macro organizer: attachment 115241 [details] Raal confirmed crash on Win 7. Linux LibO 4.4.2 doesn't have a JS macro organizer it seems, so I could not test on Linux. Win 7 Pro 64-bit, Version: 4.4.3.2 Build ID: 88805f81e9fe61362df02b9941de8e38a9b5fd16 Locale: fi_FI
Setting to NEW as raal already confirmed.
The history of this appears to be that: Running the script initially broke at (1), but with a somewhat different error to the present one; the JS script in the document became inaccessible altogether shortly after at (2), which was then fixed at (3), making the script visible again but still not allowing it to be run successfully. Adding Cc: to noelgrandin@gmail.com, sbergman@redhat.com; Could you possibly take a look at this one? Thanks (1) commit da677dfd59c2b551f3335ee0a5d5dfb33f9869c5 Author: Noel Grandin <noel@peralex.com> AuthorDate: Fri Aug 8 11:36:04 2014 +0200 Commit: Noel Grandin <noel@peralex.com> CommitDate: Wed Aug 13 08:49:22 2014 +0200 java: reduce scope, make fields private found by UCDetector Change-Id: I7f97e15667159cf8ee776e8f32fdcdec8ec00ed6 (2) commit 70f56bc22fe952c75ec714e05e1bb5296491a36a Author: Noel Grandin <noel@peralex.com> AuthorDate: Fri Aug 8 11:39:00 2014 +0200 Commit: Noel Grandin <noel@peralex.com> CommitDate: Wed Aug 13 08:49:23 2014 +0200 java: reduce scope, make member classes private found by UCDetector Change-Id: Ief32d078090102b14b60b35fc36542f8d4fb252b (3) commit 31c379041c6a40a7ef3862349ccb9f4f9ac23260 Author: Stephan Bergmann <sbergman@redhat.com> AuthorDate: Tue Sep 16 12:57:50 2014 +0200 Commit: Stephan Bergmann <sbergman@redhat.com> CommitDate: Tue Sep 16 12:57:50 2014 +0200 ScriptProvider implementations need to be accessible ...from com.sun.star.comp.loader.FactoryHelper. Regression introduced with 70f56bc22fe952c75ec714e05e1bb5296491a36a "java: reduce scope, make member classes private." Change-Id: Iabf41a5eca2df25408e90428c60736b4a73db4c3
setting breakpoints go me this: Breakpoint 2, vcl::Window::~Window (this=0x1d554f0) at /home/noel/libo4/vcl/source/window/window.cxx:579 579 { (gdb) bt 30 #0 vcl::Window::~Window (this=0x1d554f0) at /home/noel/libo4/vcl/source/window/window.cxx:579 #1 0x00002aaab1bc95d7 in Control::~Control (this=0x1d554f0) at /home/noel/libo4/vcl/source/control/ctrl.cxx:71 #2 0x00002aaaafc8d1b4 in SvTreeListBox::~SvTreeListBox (this=0x1d554f0) at /home/noel/libo4/svtools/source/contnr/treelistbox.cxx:1543 #3 0x00002aaadf74b915 in SFTreeListBox::~SFTreeListBox (this=0x1d554f0) at /home/noel/libo4/cui/source/dialogs/scriptdlg.cxx:105 #4 0x00002aaadf74ba59 in SFTreeListBox::~SFTreeListBox (this=0x1d554f0) at /home/noel/libo4/cui/source/dialogs/scriptdlg.cxx:103 #5 0x00002aaab191895e in OutputDevice::release (this=0x1d554f0) at /home/noel/libo4/include/vcl/outdev.hxx:284 #6 0x00002aaab19188ae in rtl::Reference<vcl::Window>::set (this=0x19055c0, pBody=0x0) at /home/noel/libo4/include/rtl/ref.hxx:95 #7 0x00002aaab191b650 in rtl::Reference<vcl::Window>::operator= (this=0x19055c0, handle=empty rtl::Reference) at /home/noel/libo4/include/rtl/ref.hxx:106 #8 0x00002aaab190f76f in VclPtr<vcl::Window>::operator= (this=0x19055c0) at /home/noel/libo4/include/vcl/vclptr.hxx:83 #9 0x00002aaab19581ab in vcl::Window::ImplRemoveWindow (this=0x1d554f0, bRemoveFrameData=true) at /home/noel/libo4/vcl/source/window/stacking.cxx:148 #10 0x00002aaab1b4020a in vcl::Window::dispose (this=0x1d554f0) at /home/noel/libo4/vcl/source/window/window.cxx:511 #11 0x00002aaab1bc9684 in Control::dispose (this=0x1d554f0) at /home/noel/libo4/vcl/source/control/ctrl.cxx:76 #12 0x00002aaaafc8d636 in SvTreeListBox::dispose (this=0x1d554f0) at /home/noel/libo4/svtools/source/contnr/treelistbox.cxx:1584 #13 0x00002aaadf74bb22 in SFTreeListBox::dispose (this=0x1d554f0) at /home/noel/libo4/cui/source/dialogs/scriptdlg.cxx:110 #14 0x00002aaab1ce6401 in OutputDevice::disposeOnce (this=0x1d554f0) at /home/noel/libo4/vcl/source/outdev/outdev.cxx:202 #15 0x00002aaab1993c6c in VclPtr<vcl::Window>::disposeAndClear (this=0x1c8fc98) at /home/noel/libo4/include/vcl/vclptr.hxx:209 #16 0x00002aaab1976904 in VclBuilder::disposeBuilder (this=0x1eebfa0) at /home/noel/libo4/vcl/source/window/builder.cxx:536 #17 0x00002aaab19e638f in VclBuilderContainer::disposeBuilder (this=0x18fd560) at /home/noel/libo4/vcl/source/window/dialog.cxx:462 #18 0x00002aaab1ad984c in SystemWindow::dispose (this=0x18fd340) at /home/noel/libo4/vcl/source/window/syswin.cxx:121 #19 0x00002aaab19e7074 in Dialog::dispose (this=0x18fd340) at /home/noel/libo4/vcl/source/window/dialog.cxx:557 #20 0x00002aaaaeb42a6d in SfxModalDialog::dispose (this=0x18fd340) at /home/noel/libo4/sfx2/source/dialog/basedlgs.cxx:180 #21 0x00002aaadf74fa4e in SvxScriptOrgDialog::dispose (this=0x18fd340) at /home/noel/libo4/cui/source/dialogs/scriptdlg.cxx:521 #22 0x00002aaab1ce6401 in OutputDevice::disposeOnce (this=0x18fd340) at /home/noel/libo4/vcl/source/outdev/outdev.cxx:202 #23 0x00002aaadf79ff8c in VclPtr<Dialog>::disposeAndClear (this=0x17edec8) at /home/noel/libo4/include/vcl/vclptr.hxx:209 #24 0x00002aaadf79fff8 in ScopedVclPtr<Dialog>::~ScopedVclPtr (this=0x17edec8) at /home/noel/libo4/include/vcl/vclptr.hxx:344 #25 0x00002aaadf7a6695 in CuiVclAbstractDialog_Impl::~CuiVclAbstractDialog_Impl (this=0x17edec0) at /home/noel/libo4/cui/source/factory/dlgfact.hxx:91 #26 0x00002aaadf7a66c9 in CuiVclAbstractDialog_Impl::~CuiVclAbstractDialog_Impl (this=0x17edec0) at /home/noel/libo4/cui/source/factory/dlgfact.hxx:91 #27 0x00002aaaae96be68 in SfxApplication::OfaExec_Impl (this=0x12dd4a0, rReq=...) at /home/noel/libo4/sfx2/source/appl/appserv.cxx:1208 #28 0x00002aaaae94b568 in SfxStubSfxApplicationOfaExec_Impl (pShell=0x12dd4a0, rReq=...) at /home/noel/libo4/workdir/SdiTarget/sfx2/sdi/sfxslots.hxx:1217 #29 0x00002aaaaea98932 in SfxShell::CallExec (this=0x12dd4a0, pFunc=0x2aaaae94b540 <SfxStubSfxApplicationOfaExec_Impl(SfxShell*, SfxRequest&)>, rReq=...) at /home/noel/libo4/include/sfx2/shell.hxx:210 As can be seen by looking at the values of the this pointer, 0x1d554f0 is being destructed before we are done with it, which does not make a lot of sense because we should be holding a reference to it at stack location #15
(In reply to Matthew Francis from comment #2) > The history of this appears to be that: [...] > making the script visible again but still not > allowing it to be run successfully. What is the exact problem? Something else than the crash on current master described in comment 3, which happens upon "Tools - Macros - Organize Macros - JavaScript... - demo.ods - Language - language.js.js - Edit"?
(In reply to Stephan Bergmann from comment #4) > What is the exact problem? Something else than the crash on current master > described in comment 3, which happens upon "Tools - Macros - Organize Macros > - JavaScript... - demo.ods - Language - language.js.js - Edit"? I was using "Run" rather than "Edit" but it looks like probably the same issue
Oooh - nasty; another reference clobbering issue; needs to get a gdb hardware watchpoint log and chase where the references are getting mangled I guess =) Will chase it.
This looks very much like the problem I fixed in SvTreeListBox: #12 0x00002aaaafc8d636 in SvTreeListBox::dispose (this=0x1d554f0) at /home/noel/libo4/svtools/source/contnr/treelistbox.cxx:1584 Can't reproduce vs. recent master; so marking fixed =) Thanks for the report.
Migrating Whiteboard tags to Keywords: (bibisected) [NinjaEdit]