Make persistent last size of remote file dialog #4
Comments
|
Issue as a reminder to discuss upstream |
beppec56
pushed a commit
that referenced
this issue
Sep 22, 2016
...after 1658bd2 "loplugin:unusedenumvalues" broke it again after 992fba9 "ubsan: 9 is not a valid value for type ´SvxNumType´" had fixed it the last time. This time, acknowledge that SvxNumType can apparently take on rather arbitrary sal_Int16 values from the css::style::NumberingTypes constants, and make it an alias for sal_Int16 (whether or not keeping such a trivial alias is good or bad overall). Or is the bug elsewhere, and values of type SvxNumType should really only take on the restricted set of values originally encoded by the enum? At least the below UBSan backtrace (from CppunitTest_sw_rtfexport) suggests otherwise, but then again there's also an SvxExtNumType enum (include/editeng/svxenum.hxx), encompassing more parts of css::style::NumberingTypes. Oh, my. > svx/source/items/pageitem.cxx:49:25: runtime error: load of value 9, which is not a valid value for type 'SvxNumType' > #0 0x2aafdaebe669 in SvxPageItem::SvxPageItem(SvxPageItem const&) svx/source/items/pageitem.cxx:49:25 > #1 0x2aafdaebf194 in SvxPageItem::Clone(SfxItemPool*) const svx/source/items/pageitem.cxx:59:16 > #2 0x2aaf7fab9b7c in SfxItemPool::Put(SfxPoolItem const&, unsigned short) svl/source/items/itempool.cxx:632:40 > #3 0x2aaf7fc4794a in SfxItemSet::Put(SfxPoolItem const&, unsigned short) svl/source/items/itemset.cxx:467:56 > #4 0x2aaf7fb96635 in SfxItemSet::Put(SfxPoolItem const&) include/svl/itemset.hxx:131:42 > #5 0x2aaf7fb89539 in SfxItemPropertySet::setPropertyValue(SfxItemPropertySimpleEntry const&, com::sun::star::uno::Any const&, SfxItemSet&) const svl/source/items/itemprop.cxx:256:14 > #6 0x2aaf9ef1a5d4 in void SwXStyle::SetPropertyValue<(unsigned short)1>(SfxItemPropertySimpleEntry const&, SfxItemPropertySet const&, com::sun::star::uno::Any const&, SwStyleBase_Impl&) sw/source/core/unocore/unostyle.cxx:1596:14 > #7 0x2aaf9ef3c72f in SwXStyle::SetStyleProperty(SfxItemPropertySimpleEntry const&, SfxItemPropertySet const&, com::sun::star::uno::Any const&, SwStyleBase_Impl&) sw/source/core/unocore/unostyle.cxx:2013:9 > #8 0x2aaf9ef8103d in SwXPageStyle::SetPropertyValues_Impl(com::sun::star::uno::Sequence<rtl::OUString> const&, com::sun::star::uno::Sequence<com::sun::star::uno::Any> const&) sw/source/core/unocore/unostyle.cxx:3025:17 > #9 0x2aaf9ef821ee in SwXPageStyle::setPropertyValues(com::sun::star::uno::Sequence<rtl::OUString> const&, com::sun::star::uno::Sequence<com::sun::star::uno::Any> const&) sw/source/core/unocore/unostyle.cxx:3053:9 > #10 0x2ab00730d08b in writerfilter::dmapper::SectionPropertyMap::ApplyProperties_(com::sun::star::uno::Reference<com::sun::star::beans::XPropertySet> const&) writerfilter/source/dmapper/PropertyMap.cxx:1489:24 > #11 0x2ab00731cede in writerfilter::dmapper::SectionPropertyMap::CloseSectionGroup(writerfilter::dmapper::DomainMapper_Impl&) writerfilter/source/dmapper/PropertyMap.cxx:1331:13 > #12 0x2ab006b9ede2 in writerfilter::dmapper::DomainMapper::lcl_endSectionGroup() writerfilter/source/dmapper/DomainMapper.cxx:2823:30 > LibreOffice#13 0x2ab0071db9f9 in writerfilter::LoggedStream::endSectionGroup() writerfilter/source/dmapper/LoggedResources.cxx:101:5 > LibreOffice#14 0x2ab006712a3b in writerfilter::rtftok::RTFDocumentImpl::sectBreak(bool) writerfilter/source/rtftok/rtfdocumentimpl.cxx:633:18 > LibreOffice#15 0x2ab0067a8c13 in writerfilter::rtftok::RTFDocumentImpl::popState() writerfilter/source/rtftok/rtfdocumentimpl.cxx:2789:13 > LibreOffice#16 0x2ab006a26134 in writerfilter::rtftok::RTFTokenizer::resolveParse() writerfilter/source/rtftok/rtftokenizer.cxx:105:33 > LibreOffice#17 0x2ab0067194f9 in writerfilter::rtftok::RTFDocumentImpl::resolve(writerfilter::Stream&) writerfilter/source/rtftok/rtfdocumentimpl.cxx:740:27 > LibreOffice#18 0x2ab0075ebae7 in RtfFilter::filter(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) writerfilter/source/filter/RtfFilter.cxx:147:20 > LibreOffice#19 0x2aafcf2873a5 in SfxObjectShell::ImportFrom(SfxMedium&, com::sun::star::uno::Reference<com::sun::star::text::XTextRange> const&) sfx2/source/doc/objstor.cxx:2261:30 > LibreOffice#20 0x2aafcf22d4d2 in SfxObjectShell::DoLoad(SfxMedium*) sfx2/source/doc/objstor.cxx:764:23 > LibreOffice#21 0x2aafcf4a4d09 in SfxBaseModel::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) sfx2/source/doc/sfxbasemodel.cxx:1841:36 > LibreOffice#22 0x2aafcfde31b3 in (anonymous namespace)::SfxFrameLoader_Impl::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&) sfx2/source/view/frmload.cxx:698:28 > LibreOffice#23 0x2aaffef07028 in framework::LoadEnv::impl_loadContent() framework/source/loadenv/loadenv.cxx:1110:37 > LibreOffice#24 0x2aaffeeead5a in framework::LoadEnv::startLoading() framework/source/loadenv/loadenv.cxx:379:20 > LibreOffice#25 0x2aaffeee3919 in framework::LoadEnv::loadComponentFromURL(com::sun::star::uno::Reference<com::sun::star::frame::XComponentLoader> const&, com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext> const&, rtl::OUString const&, rtl::OUString const&, int, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) framework/source/loadenv/loadenv.cxx:165:14 > LibreOffice#26 0x2aafff10ddac in framework::Desktop::loadComponentFromURL(rtl::OUString const&, rtl::OUString const&, int, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) framework/source/services/desktop.cxx:596:12 > LibreOffice#27 0x2aafff10e11a in non-virtual thunk to framework::Desktop::loadComponentFromURL(rtl::OUString const&, rtl::OUString const&, int, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) framework/source/services/desktop.cxx:582:64 > LibreOffice#28 0x2aafab4c3938 in unotest::MacrosTest::loadFromDesktop(rtl::OUString const&, rtl::OUString const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) unotest/source/cpp/macros_test.cxx:50:60 > LibreOffice#29 0x2aaf90aee900 in SwModelTestBase::loadURL(rtl::OUString const&, char const*) sw/qa/extras/inc/swmodeltestbase.hxx:621:23 > LibreOffice#30 0x2aaf90aed267 in SwModelTestBase::load(char const*, char const*) sw/qa/extras/inc/swmodeltestbase.hxx:610:16 > LibreOffice#31 0x2aaf90aec404 in SwModelTestBase::executeImportTest(char const*) sw/qa/extras/inc/swmodeltestbase.hxx:222:13 > LibreOffice#32 0x2aaf90cf4d31 in testTdf65642::Import() sw/qa/extras/rtfexport/rtfexport.cxx:1013:1 > LibreOffice#33 0x2aaf90cf62af in CppUnit::TestCaller<testTdf65642>::runTest() workdir/UnpackedTarball/cppunit/include/cppunit/TestCaller.h:166:6 > LibreOffice#34 0x2aaf4ee5d7dd in CppUnit::TestCaseMethodFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/TestCase.cpp:32:5 > LibreOffice#35 0x2aaf680c4cd6 in (anonymous namespace)::Protector::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) test/source/vclbootstrapprotector.cxx:36:14 > LibreOffice#36 0x2aaf4ee17a87 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:25 > LibreOffice#37 0x2aaf5ea4a8a6 in (anonymous namespace)::Prot::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) unotest/source/cpp/unobootstrapprotector/unobootstrapprotector.cxx:89:12 > LibreOffice#38 0x2aaf4ee17a87 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:25 > LibreOffice#39 0x2aaf5abd5ef4 in (anonymous namespace)::Prot::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) unotest/source/cpp/unoexceptionprotector/unoexceptionprotector.cxx:65:16 > LibreOffice#40 0x2aaf4ee17a87 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:25 > LibreOffice#41 0x2aaf4ed8c2ef in CppUnit::DefaultProtector::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) workdir/UnpackedTarball/cppunit/src/cppunit/DefaultProtector.cpp:15:12 > LibreOffice#42 0x2aaf4ee17a87 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:25 > LibreOffice#43 0x2aaf4ee14101 in CppUnit::ProtectorChain::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:77:18 > #44 0x2aaf4eede065 in CppUnit::TestResult::protect(CppUnit::Functor const&, CppUnit::Test*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) workdir/UnpackedTarball/cppunit/src/cppunit/TestResult.cpp:181:28 > #45 0x2aaf4ee5a929 in CppUnit::TestCase::run(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestCase.cpp:91:13 > #46 0x2aaf4ee60ad3 in CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestComposite.cpp:64:30 > #47 0x2aaf4ee5fa3d in CppUnit::TestComposite::run(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestComposite.cpp:23:3 > #48 0x2aaf4ee60ad3 in CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestComposite.cpp:64:30 > #49 0x2aaf4ee5fa3d in CppUnit::TestComposite::run(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestComposite.cpp:23:3 > #50 0x2aaf4ef1eeb6 in CppUnit::TestRunner::WrappingSuite::run(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestRunner.cpp:47:27 > #51 0x2aaf4eedbe79 in CppUnit::TestResult::runTest(CppUnit::Test*) workdir/UnpackedTarball/cppunit/src/cppunit/TestResult.cpp:148:9 > #52 0x2aaf4ef20440 in CppUnit::TestRunner::run(CppUnit::TestResult&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) workdir/UnpackedTarball/cppunit/src/cppunit/TestRunner.cpp:96:14 > #53 0x52b642 in (anonymous namespace)::ProtectedFixtureFunctor::run() const sal/cppunittester/cppunittester.cxx:305:20 > #54 0x52604d in sal_main() sal/cppunittester/cppunittester.cxx:455:20 > #55 0x524192 in main sal/cppunittester/cppunittester.cxx:362:1 > #56 0x2aaf50b3c730 in __libc_start_main (/lib64/libc.so.6+0x20730) > #57 0x437658 in _start (workdir/LinkTarget/Executable/cppunittester+0x437658) Change-Id: Id170860cbff9f4cae5c87cb5cfc70ffe3bc8c9c5
beppec56
pushed a commit
that referenced
this issue
Oct 14, 2016
...of this-ptr of in-construction FormFieldSignature while still in the base FormField ctor, as happens (in the xpdfimport process) during CppunitTest_xmlsecurity_signing: > Form.cc:448:12: runtime error: downcast of address 0x60f000000040 which does not point to an object of type 'FormFieldSignature' > 0x60f000000040: note: object is of type 'FormField' > 03 00 00 6d 50 84 f2 00 00 00 00 00 03 00 00 00 04 00 00 00 00 00 00 00 01 be be be 07 00 00 00 > ^~~~~~~~~~~~~~~~~~~~~~~ > vptr for 'FormField' > #0 0x73d7f4 in FormWidgetSignature::FormWidgetSignature(PDFDoc*, Object*, unsigned int, Ref, FormField*) workdir/UnpackedTarball/poppler/poppler/Form.cc:448:12 > #1 0x741713 in FormField::_createWidget(Object*, Ref) workdir/UnpackedTarball/poppler/poppler/Form.cc:677:34 > #2 0x73e747 in FormField::FormField(PDFDoc*, Object*, Ref const&, FormField*, std::set<int, std::less<int>, std::allocator<int> >*, FormFieldType) workdir/UnpackedTarball/poppler/poppler/Form.cc:547:7 > #3 0x74ec2b in FormFieldSignature::FormFieldSignature(PDFDoc*, Object*, Ref const&, FormField*, std::set<int, std::less<int>, std::allocator<int> >*) workdir/UnpackedTarball/poppler/poppler/Form.cc:1383:5 > #4 0x740d7f in Form::createFieldFromDict(Object*, PDFDoc*, Ref const&, FormField*, std::set<int, std::less<int>, std::allocator<int> >*) workdir/UnpackedTarball/poppler/poppler/Form.cc:1700:19 > #5 0x750727 in Form::Form(PDFDoc*, Object*) workdir/UnpackedTarball/poppler/poppler/Form.cc:1623:33 > #6 0x71d440 in Catalog::getForm() workdir/UnpackedTarball/poppler/poppler/Catalog.cc:1042:18 > #7 0x708572 in Annots::createAnnot(Dict*, Object*) workdir/UnpackedTarball/poppler/poppler/Annot.cc:7218:41 > #8 0x70772b in Annots::Annots(PDFDoc*, int, Object*) workdir/UnpackedTarball/poppler/poppler/Annot.cc:7128:17 > #9 0x87f3e9 in Page::getAnnots(XRef*) workdir/UnpackedTarball/poppler/poppler/Page.cc:405:18 > #10 0x8814b0 in Page::displaySlice(OutputDev*, double, double, int, bool, bool, int, int, int, int, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) workdir/UnpackedTarball/poppler/poppler/Page.cc:611:15 > #11 0x880ff6 in Page::display(OutputDev*, double, double, int, bool, bool, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) workdir/UnpackedTarball/poppler/poppler/Page.cc:521:3 > #12 0x88d906 in PDFDoc::displayPage(OutputDev*, int, double, double, int, bool, bool, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) workdir/UnpackedTarball/poppler/poppler/PDFDoc.cc:491:20 > LibreOffice#13 0x5d59fb in main sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx:142:14 > LibreOffice#14 0x7f11600ea730 in __libc_start_main (/lib64/libc.so.6+0x20730) > LibreOffice#15 0x459388 in _start (instdir/program/xpdfimport+0x459388) Change-Id: Ia808919c8d2363d616feb4664f314a77b40dfbb8
beppec56
pushed a commit
that referenced
this issue
Nov 8, 2016
...to avoid use-after-free, as e.g. happens on macOS with -fsanitize=address in CppunitTest_sw_mailmerge: > ==29010==ERROR: AddressSanitizer: heap-use-after-free on address 0x60800088faf8 at pc 0x000118ebc153 bp 0x7fff52f81a40 sp 0x7fff52f81a38 > READ of size 8 at 0x60800088faf8 thread T0 > WARNING: failed decoding unknown ioctl 0x20007454 > WARNING: failed decoding unknown ioctl 0x20007452 > #0 0x118ebc152 in AquaSalMenu::SetSubMenu(SalMenuItem*, SalMenu*, unsigned int) salmenu.cxx:597 > #1 0x1177bbefc in Menu::SetPopupMenu(unsigned short, PopupMenu*) menu.cxx:803 > #2 0x138dccb5a in framework::MenuBarManager::RemoveListener() menubarmanager.cxx:552 > #3 0x138dcb452 in framework::MenuBarManager::Destroy() menubarmanager.cxx:237 > #4 0x138dcd6d7 in framework::MenuBarManager::dispose() menubarmanager.cxx:267 > #5 0x138dccfa2 in framework::MenuBarManager::RemoveListener() menubarmanager.cxx:587 > #6 0x138dcb452 in framework::MenuBarManager::Destroy() menubarmanager.cxx:237 > #7 0x138dcd6d7 in framework::MenuBarManager::dispose() menubarmanager.cxx:267 > #8 0x138e06acf in framework::MenuBarWrapper::dispose() menubarwrapper.cxx:103 > #9 0x1389c0f67 in framework::LayoutManager::impl_clearUpMenuBar() layoutmanager.cxx:226 > #10 0x1389c497b in framework::LayoutManager::implts_destroyElements() layoutmanager.cxx:447 > #11 0x1389c3777 in framework::LayoutManager::implts_reset(bool) layoutmanager.cxx:413 > #12 0x1389edf4b in framework::LayoutManager::frameAction(com::sun::star::frame::FrameActionEvent const&) layoutmanager.cxx:2811 > LibreOffice#13 0x138b9e1a8 in (anonymous namespace)::Frame::implts_sendFrameActionEvent(com::sun::star::frame::FrameAction const&) frame.cxx:3110 > LibreOffice#14 0x138b8219b in (anonymous namespace)::Frame::setComponent(com::sun::star::uno::Reference<com::sun::star::awt::XWindow> const&, com::sun::star::uno::Reference<com::sun::star::frame::XController> const&) frame.cxx:1557 > LibreOffice#15 0x138b88545 in (anonymous namespace)::Frame::close(unsigned char) frame.cxx:1801 > LibreOffice#16 0x12078429a in SfxFrame::DoClose() frame.cxx:127 > LibreOffice#17 0x120812990 in SfxViewFrame::Notify(SfxBroadcaster&, SfxHint const&) viewfrm.cxx:1234 > LibreOffice#18 0x11ab542d5 in SfxBroadcaster::Broadcast(SfxHint const&) SfxBroadcaster.cxx:50 > LibreOffice#19 0x1203a0682 in SfxModelListener_Impl::notifyClosing(com::sun::star::lang::EventObject const&) objxtor.cxx:171 > LibreOffice#20 0x1204453d2 in SfxBaseModel::close(unsigned char) sfxbasemodel.cxx:1372 > LibreOffice#21 0x1245130d5 in SwXTextDocument::close(unsigned char) unotxdoc.cxx:621 > LibreOffice#22 0x1247af99b in CloseModelAndDocSh(com::sun::star::uno::Reference<com::sun::star::frame::XModel>&, tools::SvRef<SfxObjectShell>&) unomailmerge.cxx:115 > LibreOffice#23 0x1247af4bf in DeleteTmpFile_Impl(com::sun::star::uno::Reference<com::sun::star::frame::XModel>&, tools::SvRef<SfxObjectShell>&, rtl::OUString const&) unomailmerge.cxx:342 > LibreOffice#24 0x1247b6ad6 in SwXMailMerge::execute(com::sun::star::uno::Sequence<com::sun::star::beans::NamedValue> const&) unomailmerge.cxx:814 > LibreOffice#25 0x1247b9c62 in non-virtual thunk to SwXMailMerge::execute(com::sun::star::uno::Sequence<com::sun::star::beans::NamedValue> const&) unomailmerge.cxx:434 > LibreOffice#26 0x11eeab4fd in MMTest::executeMailMerge() mailmerge.cxx:179 > LibreOffice#27 0x11eea2470 in testMultiPageAnchoredDraws::verify() mailmerge.cxx:336 > LibreOffice#28 0x11ef3be50 in MMTest::executeMailMergeTest(char const*, char const*, char const*, bool, int, char const*) mailmerge.cxx:87 > LibreOffice#29 0x11ef38af3 in testMultiPageAnchoredDraws::MailMerge() mailmerge.cxx:334 > LibreOffice#30 0x11ef557b9 in CppUnit::TestCaller<testMultiPageAnchoredDraws>::runTest() TestCaller.h:166 > LibreOffice#31 0x10cfff749 in CppUnit::TestCaseMethodFunctor::operator()() const TestCase.cpp:32 > LibreOffice#32 0x110736b67 in (anonymous namespace)::Protector::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) vclbootstrapprotector.cxx:36 > LibreOffice#33 0x10cfc9c20 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const ProtectorChain.cpp:20 > LibreOffice#34 0x110498fa7 in (anonymous namespace)::Prot::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) unobootstrapprotector.cxx:89 > LibreOffice#35 0x10cfc9c20 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const ProtectorChain.cpp:20 > LibreOffice#36 0x10f776880 in (anonymous namespace)::Prot::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) unoexceptionprotector.cxx:65 > LibreOffice#37 0x10cfc9c20 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const ProtectorChain.cpp:20 > LibreOffice#38 0x10cf64042 in CppUnit::DefaultProtector::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) DefaultProtector.cpp:15 > LibreOffice#39 0x10cfc9c20 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const ProtectorChain.cpp:20 > LibreOffice#40 0x10cfc7200 in CppUnit::ProtectorChain::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) ProtectorChain.cpp:77 > LibreOffice#41 0x10d06f15a in CppUnit::TestResult::protect(CppUnit::Functor const&, CppUnit::Test*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) TestResult.cpp:181 > LibreOffice#42 0x10cffd8cd in CppUnit::TestCase::run(CppUnit::TestResult*) TestCase.cpp:91 > LibreOffice#43 0x10d00097a in CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) TestComposite.cpp:64 > #44 0x10d00045e in CppUnit::TestComposite::run(CppUnit::TestResult*) TestComposite.cpp:23 > #45 0x10d00097a in CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) TestComposite.cpp:64 > #46 0x10d00045e in CppUnit::TestComposite::run(CppUnit::TestResult*) TestComposite.cpp:23 > #47 0x10d0990ac in CppUnit::TestRunner::WrappingSuite::run(CppUnit::TestResult*) TestRunner.cpp:47 > #48 0x10d06da55 in CppUnit::TestResult::runTest(CppUnit::Test*) TestResult.cpp:148 > #49 0x10d099ebd in CppUnit::TestRunner::run(CppUnit::TestResult&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) TestRunner.cpp:96 > #50 0x10cc6f509 in (anonymous namespace)::ProtectedFixtureFunctor::run() const cppunittester.cxx:305 > #51 0x10cc6a0ac in sal_main() cppunittester.cxx:455 > #52 0x10cc687a6 in main cppunittester.cxx:362 > #53 0x7fffc9f36254 in start (libdyld.dylib+0x5254) > > 0x60800088faf8 is located 88 bytes inside of 96-byte region [0x60800088faa0,0x60800088fb00) > freed by thread T0 here: > #0 0x10d327b6b in wrap__ZdlPv asan_new_delete.cc:179 > #1 0x118eb3011 in AquaSalMenu::~AquaSalMenu() salmenu.cxx:279 > #2 0x118eb10de in AquaSalInstance::DestroyMenu(SalMenu*) salmenu.cxx:238 > #3 0x1177acd1d in Menu::ImplSetSalMenu(SalMenu*) menu.cxx:2342 > #4 0x1177ab046 in Menu::dispose() menu.cxx:183 > #5 0x1177d86f5 in PopupMenu::dispose() menu.cxx:2764 > #6 0x117f99ee2 in VclReferenceBase::disposeOnce() vclreferencebase.cxx:42 > #7 0x1177bf7d8 in VclPtr<Menu>::disposeAndClear() vclptr.hxx:208 > #8 0x1177bbbd5 in Menu::SetPopupMenu(unsigned short, PopupMenu*) menu.cxx:788 > #9 0x138dccb5a in framework::MenuBarManager::RemoveListener() menubarmanager.cxx:552 > #10 0x138dcb452 in framework::MenuBarManager::Destroy() menubarmanager.cxx:237 > #11 0x138dcd6d7 in framework::MenuBarManager::dispose() menubarmanager.cxx:267 > #12 0x138dccfa2 in framework::MenuBarManager::RemoveListener() menubarmanager.cxx:587 > LibreOffice#13 0x138dcb452 in framework::MenuBarManager::Destroy() menubarmanager.cxx:237 > LibreOffice#14 0x138dcd6d7 in framework::MenuBarManager::dispose() menubarmanager.cxx:267 > LibreOffice#15 0x138e06acf in framework::MenuBarWrapper::dispose() menubarwrapper.cxx:103 > LibreOffice#16 0x1389c0f67 in framework::LayoutManager::impl_clearUpMenuBar() layoutmanager.cxx:226 > LibreOffice#17 0x1389c497b in framework::LayoutManager::implts_destroyElements() layoutmanager.cxx:447 > LibreOffice#18 0x1389c3777 in framework::LayoutManager::implts_reset(bool) layoutmanager.cxx:413 > LibreOffice#19 0x1389edf4b in framework::LayoutManager::frameAction(com::sun::star::frame::FrameActionEvent const&) layoutmanager.cxx:2811 > LibreOffice#20 0x138b9e1a8 in (anonymous namespace)::Frame::implts_sendFrameActionEvent(com::sun::star::frame::FrameAction const&) frame.cxx:3110 > LibreOffice#21 0x138b8219b in (anonymous namespace)::Frame::setComponent(com::sun::star::uno::Reference<com::sun::star::awt::XWindow> const&, com::sun::star::uno::Reference<com::sun::star::frame::XController> const&) frame.cxx:1557 > LibreOffice#22 0x138b88545 in (anonymous namespace)::Frame::close(unsigned char) frame.cxx:1801 > LibreOffice#23 0x12078429a in SfxFrame::DoClose() frame.cxx:127 > LibreOffice#24 0x120812990 in SfxViewFrame::Notify(SfxBroadcaster&, SfxHint const&) viewfrm.cxx:1234 > LibreOffice#25 0x11ab542d5 in SfxBroadcaster::Broadcast(SfxHint const&) SfxBroadcaster.cxx:50 > LibreOffice#26 0x1203a0682 in SfxModelListener_Impl::notifyClosing(com::sun::star::lang::EventObject const&) objxtor.cxx:171 > LibreOffice#27 0x1204453d2 in SfxBaseModel::close(unsigned char) sfxbasemodel.cxx:1372 > LibreOffice#28 0x1245130d5 in SwXTextDocument::close(unsigned char) unotxdoc.cxx:621 > LibreOffice#29 0x1247af99b in CloseModelAndDocSh(com::sun::star::uno::Reference<com::sun::star::frame::XModel>&, tools::SvRef<SfxObjectShell>&) unomailmerge.cxx:115 > > previously allocated by thread T0 here: > #0 0x10d32752b in wrap__Znwm asan_new_delete.cc:106 > #1 0x118eafa18 in AquaSalInstance::CreateMenu(bool, Menu*) salmenu.cxx:230 > #2 0x1177d75e0 in PopupMenu::PopupMenu() menu.cxx:2711 > #3 0x1177d7664 in PopupMenu::PopupMenu() menu.cxx:2710 > #4 0x129136557 in VclPtr<PopupMenu> VclPtr<PopupMenu>::Create<>() vclptr.hxx:131 > #5 0x1291362de in VCLXMenu::ImplCreateMenu(bool) vclxmenu.cxx:73 > #6 0x1291463ca in VCLXPopupMenu::VCLXPopupMenu() vclxmenu.cxx:901 > #7 0x129146414 in VCLXPopupMenu::VCLXPopupMenu() vclxmenu.cxx:900 > #8 0x138dc5e83 in framework::MenuBarManager::FillMenuManager(Menu*, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&, com::sun::star::uno::Reference<com::sun::star::frame::XDispatchProvider> const&, rtl::OUString const&, bool) menubarmanager.cxx:1354 > #9 0x138dc2316 in framework::MenuBarManager::MenuBarManager(com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext> const&, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&, com::sun::star::uno::Reference<com::sun::star::util::XURLTransformer> const&, com::sun::star::uno::Reference<com::sun::star::frame::XDispatchProvider> const&, rtl::OUString const&, Menu*, bool, bool) menubarmanager.cxx:140 > #10 0x138dc72bd in framework::MenuBarManager::MenuBarManager(com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext> const&, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&, com::sun::star::uno::Reference<com::sun::star::util::XURLTransformer> const&, com::sun::star::uno::Reference<com::sun::star::frame::XDispatchProvider> const&, rtl::OUString const&, Menu*, bool, bool) menubarmanager.cxx:138 > #11 0x138dc57bc in framework::MenuBarManager::FillMenuManager(Menu*, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&, com::sun::star::uno::Reference<com::sun::star::frame::XDispatchProvider> const&, rtl::OUString const&, bool) menubarmanager.cxx:1304 > #12 0x138dc2316 in framework::MenuBarManager::MenuBarManager(com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext> const&, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&, com::sun::star::uno::Reference<com::sun::star::util::XURLTransformer> const&, com::sun::star::uno::Reference<com::sun::star::frame::XDispatchProvider> const&, rtl::OUString const&, Menu*, bool, bool) menubarmanager.cxx:140 > LibreOffice#13 0x138dc72bd in framework::MenuBarManager::MenuBarManager(com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext> const&, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&, com::sun::star::uno::Reference<com::sun::star::util::XURLTransformer> const&, com::sun::star::uno::Reference<com::sun::star::frame::XDispatchProvider> const&, rtl::OUString const&, Menu*, bool, bool) menubarmanager.cxx:138 > LibreOffice#14 0x138e07ba5 in framework::MenuBarWrapper::initialize(com::sun::star::uno::Sequence<com::sun::star::uno::Any> const&) menubarwrapper.cxx:181 > LibreOffice#15 0x138f32e6d in framework::MenuBarFactory::CreateUIElement(rtl::OUString const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&, char const*, rtl::OUString const&, com::sun::star::uno::Reference<com::sun::star::ui::XUIElement> const&, com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext> const&) menubarfactory.cxx:154 > LibreOffice#16 0x138f31848 in framework::MenuBarFactory::createUIElement(rtl::OUString const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) menubarfactory.cxx:63 > LibreOffice#17 0x138f3313a in non-virtual thunk to framework::MenuBarFactory::createUIElement(rtl::OUString const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) menubarfactory.cxx:56 > LibreOffice#18 0x138f56f6e in (anonymous namespace)::UIElementFactoryManager::createUIElement(rtl::OUString const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) uielementfactorymanager.cxx:450 > LibreOffice#19 0x138f5a94a in non-virtual thunk to (anonymous namespace)::UIElementFactoryManager::createUIElement(rtl::OUString const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) uielementfactorymanager.cxx:408 > LibreOffice#20 0x1389ca5da in framework::LayoutManager::implts_createElement(rtl::OUString const&) layoutmanager.cxx:731 > LibreOffice#21 0x1389d6fb4 in framework::LayoutManager::createElement(rtl::OUString const&) layoutmanager.cxx:1482 > LibreOffice#22 0x11fbd36f1 in SfxDispatcher::SetMenu_Impl() dispatch.cxx:1216 > LibreOffice#23 0x11fbc36dc in SfxDispatcher::Update_Impl(bool) dispatch.cxx:1290 > LibreOffice#24 0x11fb7556d in SfxBindings::NextJob_Impl(Timer*) bindings.cxx:1459 > LibreOffice#25 0x11fb8ad4c in SfxBindings::NextJob(Timer*) bindings.cxx:1441 > LibreOffice#26 0x11fb61177 in SfxBindings::LinkStubNextJob(void*, Timer*) bindings.cxx:1439 > LibreOffice#27 0x11898aea1 in Link<Timer*, void>::Call(Timer*) const link.hxx:84 > LibreOffice#28 0x11898add6 in Timer::Invoke() timer.cxx:88 > LibreOffice#29 0x1188dae6d in ImplSchedulerData::Invoke() scheduler.cxx:47 Change-Id: I16d5b11710ee46dbaa77afd94a09ba5f07a311b0
beppec56
pushed a commit
that referenced
this issue
Nov 24, 2016
...when doing "Format - Page..." in Writer: > cui/source/tabpages/tparea.cxx:268:12: runtime error: load of value 4294967295, which is not a valid value for type 'FillType' > #0 0x7f89ff653a41 in SvxAreaTabPage::Reset(SfxItemSet const*) cui/source/tabpages/tparea.cxx:268:12 > #1 0x7f8d15524560 in SfxTabDialog::ActivatePageHdl(TabControl*) sfx2/source/dialog/tabdlg.cxx:1117:19 > #2 0x7f8d1551b0e3 in SfxTabDialog::LinkStubActivatePageHdl(void*, TabControl*) sfx2/source/dialog/tabdlg.cxx:1035:1 > #3 0x7f8cef623f37 in Link<TabControl*, void>::Call(TabControl*) const include/tools/link.hxx:84:45 > #4 0x7f8cef5dfcaa in TabControl::ActivatePage() vcl/source/control/tabctrl.cxx:1601:19 Change-Id: I19dd3ed9d362132daa3f3be9fb0e9702a62bdeb0
beppec56
pushed a commit
that referenced
this issue
Nov 24, 2016
...when doing "Format - Page..." in Writer (and eFillType is TRANSPARENT): > cui/source/tabpages/tparea.cxx:331:33: runtime error: reference binding to null pointer of type 'SfxTabPage' > #0 0x7f9f053e936f in SvxAreaTabPage::SelectFillTypeHdl_Impl(Button*) cui/source/tabpages/tparea.cxx:331:9 > #1 0x7f9f053e548c in SvxAreaTabPage::ActivatePage(SfxItemSet const&) cui/source/tabpages/tparea.cxx:157:13 > #2 0x7fa21be01676 in SfxTabDialog::ActivatePageHdl(TabControl*) sfx2/source/dialog/tabdlg.cxx:1126:19 > #3 0x7fa21bdf70e3 in SfxTabDialog::LinkStubActivatePageHdl(void*, TabControl*) sfx2/source/dialog/tabdlg.cxx:1035:1 > #4 0x7fa1f5efff37 in Link<TabControl*, void>::Call(TabControl*) const include/tools/link.hxx:84:45 > #5 0x7fa1f5ebbcaa in TabControl::ActivatePage() vcl/source/control/tabctrl.cxx:1601:19 Change-Id: I279f507038ab4bae1be4f02b6537e6d1aab76348
beppec56
pushed a commit
that referenced
this issue
Nov 24, 2016
...when doing "Format - Page..." in Writer: > vcl/source/control/field.cxx:621:20: runtime error: signed integer overflow: 9223372036854775807 * 100 cannot be represented in type 'long' > #0 0x7f57787c4868 in NumericFormatter::Normalize(long) const vcl/source/control/field.cxx:621:20 > #1 0x7f578a4608dc in SetFieldUnit(MetricField&, FieldUnit, bool) svtools/source/misc/unitconv.cxx:75:32 > #2 0x7f5488952648 in SvxPageDescPage::SvxPageDescPage(vcl::Window*, SfxItemSet const&) cui/source/tabpages/page.cxx:275:5 > #3 0x7f54889c3ea4 in VclPtr<SvxPageDescPage> VclPtr<SvxPageDescPage>::Create<vcl::Window*&, SfxItemSet const&>(vcl::Window*&, SfxItemSet const&) include/vcl/vclptr.hxx:138:46 > #4 0x7f5488925d27 in SvxPageDescPage::Create(vcl::Window*, SfxItemSet const*) cui/source/tabpages/page.cxx:162:12 > #5 0x7f579ea86df4 in SfxTabDialog::ActivatePageHdl(TabControl*) sfx2/source/dialog/tabdlg.cxx:1085:24 > #6 0x7f579ea800e3 in SfxTabDialog::LinkStubActivatePageHdl(void*, TabControl*) sfx2/source/dialog/tabdlg.cxx:1035:1 > #7 0x7f5778b88f37 in Link<TabControl*, void>::Call(TabControl*) const include/tools/link.hxx:84:45 > #8 0x7f5778b44caa in TabControl::ActivatePage() vcl/source/control/tabctrl.cxx:1601:19 and NumericFormatter::mnMax is still SAL_MAX_INT64 (but will be set to a smaller value a few lines futher down in the SvxPageDescPage ctor). So initialize mnMax to a substantially smaller value (that is still "large", but avoids this kind of overflow), and hope that no code relies on the exact initial value. Change-Id: If3b4db1d20bc59418d1769e9690bc7ecdbf29a50
beppec56
pushed a commit
that referenced
this issue
Nov 24, 2016
...during CppunitTest_filter_dialogs_test: > filter/source/xsltdialog/xmlfiltersettingsdialog.cxx:1398:20: runtime error: reference binding to null pointer of type 'ResMgr' > #0 0x7f144bf5ab10 in XMLFilterListBox::XMLFilterListBox(vcl::Window*, SvxPathControl*) filter/source/xsltdialog/xmlfiltersettingsdialog.cxx:1398:20 > #1 0x7f144bf7abb8 in VclPtr<XMLFilterListBox> VclPtr<XMLFilterListBox>::Create<VclPtr<VclVBox>&, SvxPathControl*>(VclPtr<VclVBox>&, SvxPathControl*&&) include/vcl/vclptr.hxx:138:46 > #2 0x7f144bf50df8 in SvxPathControl::SvxPathControl(vcl::Window*) filter/source/xsltdialog/xmlfiltersettingsdialog.cxx:1312:20 > #3 0x7f144bf7d487 in VclPtr<SvxPathControl> VclPtr<SvxPathControl>::Create<VclPtr<vcl::Window>&>(VclPtr<vcl::Window>&) include/vcl/vclptr.hxx:138:46 > #4 0x7f144bf56a2f in makeSvxPathControl filter/source/xsltdialog/xmlfiltersettingsdialog.cxx:1378:1 > #5 0x7f14d2060a04 in VclBuilder::makeObject(vcl::Window*, rtl::OString const&, rtl::OString const&, std::__debug::map<rtl::OString, rtl::OString, std::less<rtl::OString>, std::allocator<std::pair<rtl::OString const, rtl::OString> > >&) vcl/source/window/builder.cxx:1793:17 > #6 0x7f14d2078ddb in VclBuilder::insertObject(vcl::Window*, rtl::OString const&, rtl::OString const&, std::__debug::map<rtl::OString, rtl::OString, std::less<rtl::OString>, std::allocator<std::pair<rtl::OString const, rtl::OString> > >&, std::__debug::map<rtl::OString, rtl::OString, std::less<rtl::OString>, std::allocator<std::pair<rtl::OString const, rtl::OString> > >&, std::__debug::map<rtl::OString, rtl::OString, std::less<rtl::OString>, std::allocator<std::pair<rtl::OString const, rtl::OString> > >&) vcl/source/window/builder.cxx:1887:25 > #7 0x7f14d208790a in VclBuilder::handleObject(vcl::Window*, xmlreader::XmlReader&) vcl/source/window/builder.cxx:2856:37 > #8 0x7f14d20215bc in VclBuilder::handleChild(vcl::Window*, xmlreader::XmlReader&) vcl/source/window/builder.cxx:2114:33 > #9 0x7f14d2087bea in VclBuilder::handleObject(vcl::Window*, xmlreader::XmlReader&) vcl/source/window/builder.cxx:2859:17 > #10 0x7f14d20215bc in VclBuilder::handleChild(vcl::Window*, xmlreader::XmlReader&) vcl/source/window/builder.cxx:2114:33 > #11 0x7f14d2087bea in VclBuilder::handleObject(vcl::Window*, xmlreader::XmlReader&) vcl/source/window/builder.cxx:2859:17 > #12 0x7f14d20215bc in VclBuilder::handleChild(vcl::Window*, xmlreader::XmlReader&) vcl/source/window/builder.cxx:2114:33 > LibreOffice#13 0x7f14d200c59a in VclBuilder::VclBuilder(vcl::Window*, rtl::OUString const&, rtl::OUString const&, rtl::OString const&, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&) vcl/source/window/builder.cxx:206:9 > LibreOffice#14 0x7f1492275862 in ScreenshotTest::dumpDialogToPath(rtl::OString const&) test/source/screenshot_test.cxx:177:24 The existing code apparently depended on any calls to getXSLTDialogResMgr in xmlfiltersettingsdialog.cxx only happening after pXSLTResMgr had been set up in the outer XMLFilterDialogComponent::execute in xmlfilterdialogcomponent.cxx. That is not true when each dialog is opened independently in the screenshot test, so instead just call CreateResMgr on demand wherever needed. Change-Id: I9f6dc7c66d4999137352a8d91665b954f4088085
beppec56
pushed a commit
that referenced
this issue
Nov 24, 2016
...as reported by -fsanitize=vptr when doing "Format - Page..." in Writer (though both types have a Size member at the same location, so didn't cause any real problems): > sw/source/ui/misc/pgfnote.cxx:283:32: runtime error: downcast of address 0x604000e23f50 which does not point to an object of type 'const SvxSizeItem' > 0x604000e23f50: note: object is of type 'SwFormatFrameSize' > 94 01 00 3d 90 ae ee 90 ff 7e 00 00 06 00 00 00 58 00 00 be d0 2f 00 00 00 00 00 00 e0 3d 00 00 > ^~~~~~~~~~~~~~~~~~~~~~~ > vptr for 'SwFormatFrameSize' > #0 0x7efd1c8d01e2 in SwFootNotePage::ActivatePage(SfxItemSet const&) sw/source/ui/misc/pgfnote.cxx:283:32 > #1 0x7efd1c8cbf07 in SwFootNotePage::Reset(SfxItemSet const*) sw/source/ui/misc/pgfnote.cxx:230:5 > #2 0x7f002e149560 in SfxTabDialog::ActivatePageHdl(TabControl*) sfx2/source/dialog/tabdlg.cxx:1117:19 > #3 0x7f002e1400e3 in SfxTabDialog::LinkStubActivatePageHdl(void*, TabControl*) sfx2/source/dialog/tabdlg.cxx:1035:1 > #4 0x7f0008248f37 in Link<TabControl*, void>::Call(TabControl*) const include/tools/link.hxx:84:45 > #5 0x7f0008204caa in TabControl::ActivatePage() vcl/source/control/tabctrl.cxx:1601:19 Change-Id: I73df2438565a7069153b22140197897df810b2aa
beppec56
pushed a commit
that referenced
this issue
Nov 24, 2016
...as reported by -fsanitize=vptr when doing "Format - Paragraph... - Area - Color" in Writer: > cui/source/tabpages/tpcolor.cxx:65:19: runtime error: downcast of address 0x6030009782b0 which does not point to an object of type 'XOutdevItemPool' > 0x6030009782b0: note: object is of type 'SwAttrPool' > 20 01 80 1c 50 e8 e9 85 4d 7f 00 00 e0 28 48 86 4d 7f 00 00 c0 d7 11 00 30 61 00 00 80 29 54 00 > ^~~~~~~~~~~~~~~~~~~~~~~ > vptr for 'SwAttrPool' > #0 0x7f4b047cfd3a in SvxColorTabPage::SvxColorTabPage(vcl::Window*, SfxItemSet const&) cui/source/tabpages/tpcolor.cxx:65:19 > #1 0x7f4b0480ec04 in VclPtr<SvxColorTabPage> VclPtr<SvxColorTabPage>::Create<vcl::Window*&, SfxItemSet const&>(vcl::Window*&, SfxItemSet const&) include/vcl/vclptr.hxx:138:46 > #2 0x7f4b047f8567 in SvxColorTabPage::Create(vcl::Window*, SfxItemSet const*) cui/source/tabpages/tpcolor.cxx:326:12 > #3 0x7f4b0472132a in CreateFillStyleTabPage(unsigned short, vcl::Window*, SfxItemSet const&) cui/source/tabpages/tparea.cxx:319:42 > #4 0x7f4b0471ef8b in SvxAreaTabPage::SelectFillTypeHdl_Impl(Button*) cui/source/tabpages/tparea.cxx:330:41 > #5 0x7f4b047114b3 in SvxAreaTabPage::LinkStubSelectFillTypeHdl_Impl(void*, Button*) cui/source/tabpages/tparea.cxx:323:1 > #6 0x7f4df3eac737 in Link<Button*, void>::Call(Button*) const include/tools/link.hxx:84:45 > #7 0x7f4df3e93bb6 in Button::Click()::$_0::operator()() const vcl/source/control/button.cxx:127:85 Change-Id: I6259b100c535fa81b9f7452db84c22d5b10acb1e
beppec56
pushed a commit
that referenced
this issue
Nov 24, 2016
Both Writer: "Table - Insert Table... - Insert", "Table - AutoFormat Styles..."; and Calc: select multiple cells, "Format - AutoFormat Styles..." cause > svx/source/dialog/framelinkarray.cxx:82:29: runtime error: signed integer overflow: -4702111234474983744 + -4702111234474983746 cannot be represented in type 'long' > #0 0x7f84ef0e36ba in svx::frame::lclRecalcCoordVec(std::__debug::vector<long, std::allocator<long> >&, std::__debug::vector<long, std::allocator<long> > const&) svx/source/dialog/framelinkarray.cxx:82:29 > #1 0x7f84ef0e780e in svx::frame::ArrayImpl::GetColPosition(unsigned long) const svx/source/dialog/framelinkarray.cxx:265:9 > #2 0x7f84ef0f95ae in svx::frame::Array::GetColPosition(unsigned long) const svx/source/dialog/framelinkarray.cxx:762:20 > #3 0x7f84ef0f9e56 in svx::frame::Array::GetWidth() const svx/source/dialog/framelinkarray.cxx:787:12 > #4 0x7f852e9df8fd in ScAutoFmtPreview::CalcCellArray(bool) sc/source/ui/miscdlgs/autofmt.cxx:429:32 > #5 0x7f852e9c7740 in ScAutoFmtPreview::Init() sc/source/ui/miscdlgs/autofmt.cxx:407:5 > #6 0x7f852e9c9102 in ScAutoFmtPreview::ScAutoFmtPreview(vcl::Window*) sc/source/ui/miscdlgs/autofmt.cxx:73:5 where -4702111234474983746 = 0xbebebebebebebebe is ASan's uninitialized value stored into ScAutoFmtPreview::mnLableColWidth et al. Those (overflowing, even) computations on uninitialized values appear to be harmless in practice, though, presumably because they are overwritten with "real" values soon after. Change-Id: I487fc4681afe79c4e8532595226cba4c9c0c9b2d
beppec56
pushed a commit
that referenced
this issue
Nov 24, 2016
...when doing Writer "Insert - Table of Contents and Index - Table of Contents, Index or Bibliography...": > sw/source/uibase/inc/cnttab.hxx:58:16: runtime error: load of value 65535, which is not a valid value for type 'TOXTypes' > #0 0x7fbed9c2c9c8 in CurTOXType::operator==(CurTOXType const&) sw/source/uibase/inc/cnttab.hxx:58:16 > #1 0x7fbed9b711b1 in SwTOXEntryTabPage::ActivatePage(SfxItemSet const&) sw/source/ui/index/cnttab.cxx:2071:25 > #2 0x7fc217524056 in SfxTabDialog::ActivatePageHdl(TabControl*) sfx2/source/dialog/tabdlg.cxx:1126:19 > #3 0x7fc217519ac3 in SfxTabDialog::LinkStubActivatePageHdl(void*, TabControl*) sfx2/source/dialog/tabdlg.cxx:1035:1 > #4 0x7fc1f15c0e37 in Link<TabControl*, void>::Call(TabControl*) const include/tools/link.hxx:84:45 > #5 0x7fc1f157cbaa in TabControl::ActivatePage() vcl/source/control/tabctrl.cxx:1601:19 Change-Id: I458e010b10dfdf3e944c389f61595869cc41036f
beppec56
pushed a commit
that referenced
this issue
Nov 24, 2016
...as happens during CppunitTest_sd_dialogs_test when displaying modules/simpress/ui/headerfootertab.ui: > sd/source/ui/dlg/headerfooterdlg.cxx:782:63: runtime error: division by zero > #0 0x7f270dc78b7f in sd::PresLayoutPreview::Paint(OutputDevice&, Rectangle const&) sd/source/ui/dlg/headerfooterdlg.cxx:782:63 > #1 0x7f274a56bb53 in PaintHelper::DoPaint(vcl::Region const*) vcl/source/window/paint.cxx:307:24 > #2 0x7f274a57be32 in vcl::Window::ImplCallPaint(vcl::Region const*, unsigned short) vcl/source/window/paint.cxx:613:17 > #3 0x7f274a577eee in PaintHelper::~PaintHelper() vcl/source/window/paint.cxx:547:30 > #4 0x7f274a57c305 in vcl::Window::ImplCallPaint(vcl::Region const*, unsigned short) vcl/source/window/paint.cxx:619:1 > #5 0x7f274a577eee in PaintHelper::~PaintHelper() vcl/source/window/paint.cxx:547:30 > #6 0x7f274a57c305 in vcl::Window::ImplCallPaint(vcl::Region const*, unsigned short) vcl/source/window/paint.cxx:619:1 > #7 0x7f274a589f0d in vcl::Window::Update() vcl/source/window/paint.cxx:1310:24 > #8 0x7f274b908d23 in ImplHandlePaint(vcl::Window*, Rectangle const&, bool) vcl/source/window/winproc.cxx:1593:18 > #9 0x7f274b8f9092 in ImplWindowFrameProc(vcl::Window*, SalEvent, void const*) vcl/source/window/winproc.cxx:2437:13 > #10 0x7f272e3c8662 in SalFrame::CallCallback(SalEvent, void const*) const vcl/inc/salframe.hxx:276:33 Change-Id: I2868a8b0a726544c9edbaab62a8929badf6d3845
beppec56
pushed a commit
that referenced
this issue
Nov 24, 2016
...as seen during CppunitTest_sd_dialogs_test: > collationdatareader.cpp:422:13: runtime error: null pointer passed as argument 1, which is declared to never be null > /usr/include/string.h:66:33: note: nonnull attribute specified here > #0 0x7fc3fc837f72 in icu_58::CollationDataReader::read(icu_58::CollationTailoring const*, unsigned char const*, int, icu_58::CollationTailoring&, UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/collationdatareader.cpp:422:13 > #1 0x7fc3fc7fc0bb in icu_58::CollationLoader::loadFromData(UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:395:5 > #2 0x7fc3fc7fad16 in icu_58::CollationLoader::loadFromCollations(UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:376:16 > #3 0x7fc3fc7f0c74 in icu_58::CollationLoader::createCacheEntry(UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:221:16 > #4 0x7fc3fc7f079e in icu_58::LocaleCacheKey<icu_58::CollationCacheEntry>::createObject(void const*, UErrorCode&) const workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:144:20 > #5 0x7fc4262d558f in icu_58::UnifiedCache::_get(icu_58::CacheKeyBase const&, icu_58::SharedObject const*&, void const*, UErrorCode&) const workdir/UnpackedTarball/icu/source/common/unifiedcache.cpp:409:17 > #6 0x7fc3fc806774 in void icu_58::UnifiedCache::get<icu_58::CollationCacheEntry>(icu_58::CacheKey<icu_58::CollationCacheEntry> const&, void const*, icu_58::CollationCacheEntry const*&, UErrorCode&) const workdir/UnpackedTarball/icu/source/i18n/../common/unifiedcache.h:234:8 > #7 0x7fc3fc7f1c93 in icu_58::CollationLoader::getCacheEntry(UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:466:12 > #8 0x7fc3fc7f76d4 in icu_58::CollationLoader::loadFromBundle(UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:299:16 > #9 0x7fc3fc7f0ae5 in icu_58::CollationLoader::createCacheEntry(UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:219:16 > #10 0x7fc3fc7f079e in icu_58::LocaleCacheKey<icu_58::CollationCacheEntry>::createObject(void const*, UErrorCode&) const workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:144:20 > #11 0x7fc4262d558f in icu_58::UnifiedCache::_get(icu_58::CacheKeyBase const&, icu_58::SharedObject const*&, void const*, UErrorCode&) const workdir/UnpackedTarball/icu/source/common/unifiedcache.cpp:409:17 > #12 0x7fc3fc806774 in void icu_58::UnifiedCache::get<icu_58::CollationCacheEntry>(icu_58::CacheKey<icu_58::CollationCacheEntry> const&, void const*, icu_58::CollationCacheEntry const*&, UErrorCode&) const workdir/UnpackedTarball/icu/source/i18n/../common/unifiedcache.h:234:8 > LibreOffice#13 0x7fc3fc7f1c93 in icu_58::CollationLoader::getCacheEntry(UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:466:12 > LibreOffice#14 0x7fc3fc7f5a19 in icu_58::CollationLoader::loadFromLocale(UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:247:16 > LibreOffice#15 0x7fc3fc7f0956 in icu_58::CollationLoader::createCacheEntry(UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:217:16 > LibreOffice#16 0x7fc3fc7f079e in icu_58::LocaleCacheKey<icu_58::CollationCacheEntry>::createObject(void const*, UErrorCode&) const workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:144:20 > LibreOffice#17 0x7fc4262d558f in icu_58::UnifiedCache::_get(icu_58::CacheKeyBase const&, icu_58::SharedObject const*&, void const*, UErrorCode&) const workdir/UnpackedTarball/icu/source/common/unifiedcache.cpp:409:17 > LibreOffice#18 0x7fc3fc806774 in void icu_58::UnifiedCache::get<icu_58::CollationCacheEntry>(icu_58::CacheKey<icu_58::CollationCacheEntry> const&, void const*, icu_58::CollationCacheEntry const*&, UErrorCode&) const workdir/UnpackedTarball/icu/source/i18n/../common/unifiedcache.h:234:8 > LibreOffice#19 0x7fc3fc7f1c93 in icu_58::CollationLoader::getCacheEntry(UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:466:12 > LibreOffice#20 0x7fc3fc7f1525 in icu_58::CollationLoader::loadTailoring(icu_58::Locale const&, UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/ucol_res.cpp:164:19 > LibreOffice#21 0x7fc3fc7ba783 in icu_58::Collator::makeInstance(icu_58::Locale const&, UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/coll.cpp:460:40 > LibreOffice#22 0x7fc3fc7bb891 in icu_58::Collator::createInstance(icu_58::Locale const&, UErrorCode&) workdir/UnpackedTarball/icu/source/i18n/coll.cpp:448:16 > LibreOffice#23 0x7fc3f196cf17 in com::sun::star::i18n::Collator_Unicode::loadCollatorAlgorithm(rtl::OUString const&, com::sun::star::lang::Locale const&, int) i18npool/source/collator/collator_unicode.cxx:375:57 > LibreOffice#24 0x7fc3f1945c22 in com::sun::star::i18n::CollatorImpl::loadCollatorAlgorithm(rtl::OUString const&, com::sun::star::lang::Locale const&, int) i18npool/source/collator/collatorImpl.cxx:93:25 > LibreOffice#25 0x7fc3f1944a53 in com::sun::star::i18n::CollatorImpl::loadDefaultCollator(com::sun::star::lang::Locale const&, int) i18npool/source/collator/collatorImpl.cxx:79:20 > LibreOffice#26 0x7fc41d2c12e6 in CollatorWrapper::loadDefaultCollator(com::sun::star::lang::Locale const&, int) unotools/source/i18n/collatorwrapper.cxx:75:45 Change-Id: I21868c0a80e06587f9ed802ec3f8d5a89f3cb9aa
beppec56
pushed a commit
that referenced
this issue
Jun 8, 2017
ASAN reports this about JunitTest_chart2_unoapi
==27381==ERROR: AddressSanitizer: heap-use-after-free on address 0x6060005bd218 at pc 0x7ff229755271 bp 0x7fffb52c6c30 sp 0x7fffb52c6c28
READ of size 8 at 0x6060005bd218 thread T0
#0 0x7ff229755270 in o3tl::UnsafeRefCountingPolicy::decrementCount(unsigned long&) include/o3tl/cow_wrapper.hxx:41:68
#1 0x7ff2297551bf in o3tl::cow_wrapper<basegfx::Impl2DHomMatrix, o3tl::UnsafeRefCountingPolicy>::release() include/o3tl/cow_wrapper.hxx:203:29
#2 0x7ff2297515f0 in o3tl::cow_wrapper<basegfx::Impl2DHomMatrix, o3tl::UnsafeRefCountingPolicy>::~cow_wrapper() include/o3tl/cow_wrapper.hxx:248:13
#3 0x7ff242ef440f in __run_exit_handlers (/lib64/libc.so.6+0x3a40f)
#4 0x7ff242ef4469 in __GI_exit (/lib64/libc.so.6+0x3a469)
The reason appears to be the UnsafeRefCountingPolicy on the global
IdentityMatrix, so every B2DHomMatrix that is created on any thread
will manipulate the refcount of that global without synchronisation.
Let's just remove the global and hope the extra allocations don't matter.
Change-Id: I4962ab2e622286f29b912a57448f3f1a53eeb592
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
No description provided.
The text was updated successfully, but these errors were encountered: