leginee commented on code in PR #485:
URL: https://github.com/apache/openoffice/pull/485#discussion_r3455450533
##########
main/sc/source/ui/view/viewdata.cxx:
##########
@@ -2952,6 +2952,15 @@ void ScViewData::ReadUserDataSequence(const
uno::Sequence <beans::PropertyValue>
pTabData[nZoomTab]->aPageZoomY = aDefPageZoomY;
}
+ // The loop above delete'd and re-new'd pTabData[] entries (including
the
+ // active one) but left pThisTab pointing at a freed ScViewDataTable.
Restore
+ // the pThisTab == pTabData[nTabNo] invariant before anyone
dereferences it
+ // (e.g. ScTabView::SetTabNo -> GetActivePart()). Mirrors SetTabNo
(line
+ // ~1502). Without it, a debug build AVs on document open (reads
0xDDDDDDDD);
+ // release masks it only via allocator MRU reuse.
+ CreateTabData( nTabNo );
+ pThisTab = pTabData[nTabNo];
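Review bot: The new comment block cites "line ~1502" for SetTabNo, a position that goes stale with the next edit to this file; name the function only. The same comment says the loop already re-creates the active entry, so it should also say why CreateTabData( nTabNo ) is still called before the reassignment (for example, that the entry can be missing), or the call should be dropped. A short statement that nTabNo is in range before pTabData[nTabNo] is indexed would also help, since the hunk does not show a check.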
Review Comment:
Sadly I do not have the week of AI discussion anymore.
> Do we have any way to reproduce the issue?
You need a debug build that poisons freed memory. That will cause AOO to
crash when you start calc. If I understood the AI correctly it is independent
of platform. Valgrind for example can do this on Linux.
But I don't know how that is done.
(from the AI:)
The memory explicitly lists the equivalents that also expose it: PageHeap /
AppVerifier / ASan on Windows, and valgrind / MallocScribble / Guard Malloc /
MALLOC_PERTURB_ on mac/linux (same shared source). ASan in particular would
report it as a use-after-free with a clean read-after-free stack, not an opaque
0xDD AV — so it's actually a better surfacing tool than the debug CRT.
Here is how I crossed the issue: (adapted to the current code)
I did build AOO from the bazel migration branch using:
`bazel build //main/staging:install --compilation_mode=dbg --//build:debug_info=True --features=generate_pdb --jobs=1`
(takes a whole day because of jobs=1. If you check out head, then you should
revert commit 2955bc99494fbf5a69d074b4fcf3da8c0f6a17fa. Then build AOO with:
`bazel build //main/staging:install --compilation_mode=dbg --//build:debug_info=True --features=generate_pdb`
and you should get the build in 2h to 3h.)
Then run
`cdb -g -G bazel-bin\main\staging\install\program\soffice.exe -env:UserInstallation=file:///C:/temp/ooo_crash -norestore`
Go through the wizard until you are in the start menu, then select calc;
calc should crash right away. Should be similar on other tools.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
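
An added example, not code from the PR or from OpenOffice: a deterministic model of why the stale `pThisTab` reads 0xDDDDDDDD on a poisoning debug heap while a release build looks fine. `Pool`, `View` and `readAfterReload` are hypothetical names, and the allocator behaviour (debug poisons freed blocks and does not hand them straight back, release reuses the most recently freed block) is a simplifying assumption.

```cpp
#include <cstdint>

// Constructed two-slot "heap": a deterministic model, not the CRT allocator.
struct Pool {
    std::uint32_t slot[2] = {0, 0};
    std::uint32_t* lastFreed = nullptr;
    bool debugHeap;  // true: poison on free and do not reuse the block at once
    explicit Pool(bool dbg) : debugHeap(dbg) {}

    std::uint32_t* alloc(std::uint32_t value) {
        std::uint32_t* p = &slot[0];
        if (lastFreed)  // release model reuses the freed block, debug model avoids it
            p = debugHeap ? (lastFreed == &slot[0] ? &slot[1] : &slot[0]) : lastFreed;
        *p = value;
        return p;
    }
    void release(std::uint32_t* p) {
        if (debugHeap) *p = 0xDDDDDDDDu;  // fill pattern the patch comment reports
        lastFreed = p;
    }
};

// Hypothetical stand-in for the view data: one table entry and the cached pointer.
struct View {
    Pool pool;
    std::uint32_t* tabData;  // models pTabData[nTabNo]
    std::uint32_t* thisTab;  // models pThisTab
    explicit View(bool dbg) : pool(dbg) {
        tabData = pool.alloc(1);
        thisTab = tabData;
    }
    // Models the reload loop: free and re-create the entry. `restore` applies
    // the patch's reassignment of the cached pointer.
    void reload(bool restore) {
        pool.release(tabData);
        tabData = pool.alloc(1);
        if (restore) thisTab = tabData;
    }
    std::uint32_t activePart() const { return *thisTab; }
};

// Value seen through the cached pointer after a reload.
std::uint32_t readAfterReload(bool debugHeap, bool restore) {
    View v(debugHeap);
    v.reload(restore);
    return v.activePart();
}
```

In the release model the stale pointer still returns 1 because the freed block was reused, which is why the defect stays hidden there until a poisoning or instrumented heap is used.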