https://bugs.documentfoundation.org/show_bug.cgi?id=91131
Michael Stahl <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED Assignee|[email protected] |[email protected] |desktop.org | --- Comment #6 from Michael Stahl <[email protected]> --- the crash is somewhat intermittent, so no surprise that the bibisect in comment #4 is bogus... ==12226== Invalid read of size 8 ==12226== at 0x3CB85C1B: SwList::GetListId() const (list.cxx:227) ==12226== by 0x3CB0533F: sw::DocumentListsManager::deleteListForListStyle(rtl::OUString const&) (DocumentListsManager.cxx:142) ==12226== by 0x3CAA501D: SwDoc::DelNumRule(rtl::OUString const&, bool) (docnum.cxx:1029) ==12226== by 0x3D4FF5DD: SwDocStyleSheetPool::Remove(SfxStyleSheetBase*) (docstyle.cxx:2367) ==12226== by 0x3D4F3BDB: SwDocShell::Delete(rtl::OUString const&, unsigned short) (docst.cxx:876) ==12226== by 0x3D4F1CB6: SwDocShell::ExecStyleSheet(SfxRequest&) (docst.cxx:461) ==12226== by 0x3D4D7AC7: SfxStubSwDocShellExecStyleSheet(SfxShell*, SfxRequest&) (swslots.hxx:1351) ==12226== by 0x8E96FEB: SfxShell::CallExec(void (*)(SfxShell*, SfxRequest&), SfxRequest&) (shell.hxx:204) ==12226== by 0x8E8DFD1: SfxDispatcher::Call_Impl(SfxShell&, SfxSlot const&, SfxRequest&, bool) (dispatch.cxx:262) ==12226== by 0x8E90F1F: SfxDispatcher::_Execute(SfxShell&, SfxSlot const&, SfxRequest&, SfxCallMode) (dispatch.cxx:852) ==12226== by 0x8E91679: SfxDispatcher::Execute(unsigned short, SfxCallMode, SfxPoolItem const**, unsigned short, SfxPoolItem const**) (dispatch.cxx:970) ==12226== by 0x8FE543A: SfxCommonTemplateDialog_Impl::Execute_Impl(unsigned short, rtl::OUString const&, rtl::OUString const&, unsigned short, unsigned short, unsigned short*, unsigned short const*) (templdlg.cxx:1609) ==12226== by 0x8FE764B: SfxCommonTemplateDialog_Impl::DeleteHdl(void*) (templdlg.cxx:1975) ==12226== by 0x8FE867C: SfxCommonTemplateDialog_Impl::MenuSelectAsyncHdl(void*) (templdlg.cxx:2150) ==12226== by 0x8FE85FC: SfxCommonTemplateDialog_Impl::LinkStubMenuSelectAsyncHdl(void*, void*) (templdlg.cxx:2145) ==12226== by 0xD1EADAA: Link<void*, void>::Call(void*) const (link.hxx:84) ==12226== by 0xD1E7C59: ImplHandleUserEvent(ImplSVEvent*) (winproc.cxx:1960) ==12226== by 0xD1E961E: ImplWindowFrameProc(vcl::Window*, unsigned short, void const*) (winproc.cxx:2528) ==12226== by 0xD731984: SalFrame::CallCallback(unsigned short, void const*) const (salframe.hxx:269) ==12226== by 0xD741848: SalGenericDisplay::DispatchInternalEvent() (gendisp.cxx:86) ==12226== by 0x28BAE543: GtkData::userEventFn(void*) (gtk3gtkdata.cxx:809) ==12226== by 0x28BAE5D0: call_userEventFn (gtk3gtkdata.cxx:819) ==12226== by 0x15206E39: g_main_dispatch (gmain.c:3154) ==12226== by 0x15206E39: g_main_context_dispatch (gmain.c:3769) ==12226== by 0x152071CF: g_main_context_iterate.isra.29 (gmain.c:3840) ==12226== by 0x1520727B: g_main_context_iteration (gmain.c:3901) ==12226== by 0x28BAD3E1: GtkData::Yield(bool, bool) (gtk3gtkdata.cxx:467) ==12226== by 0x28BB0672: GtkInstance::DoYield(bool, bool, unsigned long) (gtkinst.cxx:407) ==12226== by 0xD5F0BAC: ImplYield(bool, bool, unsigned long) (svapp.cxx:509) ==12226== by 0xD5EC9D3: Application::Yield() (svapp.cxx:551) ==12226== by 0xD5EC84D: Application::Execute() (svapp.cxx:471) ==12226== by 0x5110852: desktop::Desktop::DoExecute() (app.cxx:1332) ==12226== by 0x5111A13: desktop::Desktop::Main() (app.cxx:1657) ==12226== by 0xD5FB313: ImplSVMain() (svmain.cxx:167) ==12226== by 0xD5FB455: SVMain() (svmain.cxx:204) ==12226== by 0x51620D7: soffice_main (sofficemain.cxx:135) ==12226== by 0x40095D: sal_main (main.c:48) ==12226== by 0x400943: main (main.c:47) ==12226== Address 0x32ca2120 is 0 bytes inside a block of size 8 free'd ==12226== at 0x4C2A2B0: operator delete(void*) (vg_replace_malloc.c:576) ==12226== by 0x3CB04ECC: sw::DocumentListsManager::deleteList(rtl::OUString const&) (DocumentListsManager.cxx:68) ==12226== by 0x3CB05578: sw::DocumentListsManager::deleteListsByDefaultListStyle(rtl::OUString const&) (DocumentListsManager.cxx:169) ==12226== by 0x3CAA5045: SwDoc::DelNumRule(rtl::OUString const&, bool) (docnum.cxx:1030) ==12226== by 0x3D0BFC01: SwUndoNumruleCreate::UndoImpl(sw::UndoRedoContext&) (SwUndoFmt.cxx:393) ==12226== by 0x3D0E4313: SwUndo::UndoWithContext(SfxUndoContext&) (undobj.cxx:218) ==12226== by 0x9B46451: SfxListUndoAction::UndoWithContext(SfxUndoContext&) (undo.cxx:1347) ==12226== by 0x9B43612: SfxUndoManager::ImplUndo(SfxUndoContext*) (undo.cxx:806) ==12226== by 0x9B433D0: SfxUndoManager::UndoWithContext(SfxUndoContext&) (undo.cxx:774) ==12226== by 0x3D0C4477: sw::UndoManager::impl_DoUndoRedo(sw::UndoManager::UndoOrRedo_t) (docundo.cxx:488) ==12226== by 0x3D0C45F6: sw::UndoManager::Undo() (docundo.cxx:521) ==12226== by 0x3CD0325E: SwEditShell::Undo(unsigned short) (edundo.cxx:131) ==12226== by 0x3D4F3648: SwDocShell::Edit(rtl::OUString const&, rtl::OUString const&, unsigned short, unsigned short, bool, rtl::OString const&, SwWrtShell*, bool) (docst.cxx:817) ==12226== by 0x3D4F10DE: SwDocShell::ExecStyleSheet(SfxRequest&) (docst.cxx:298) ==12226== by 0x3D4D7AC7: SfxStubSwDocShellExecStyleSheet(SfxShell*, SfxRequest&) (swslots.hxx:1351) ==12226== by 0x8E96FEB: SfxShell::CallExec(void (*)(SfxShell*, SfxRequest&), SfxRequest&) (shell.hxx:204) ==12226== by 0x8E8DFD1: SfxDispatcher::Call_Impl(SfxShell&, SfxSlot const&, SfxRequest&, bool) (dispatch.cxx:262) ==12226== by 0x8E90F1F: SfxDispatcher::_Execute(SfxShell&, SfxSlot const&, SfxRequest&, SfxCallMode) (dispatch.cxx:852) ==12226== by 0x8E91679: SfxDispatcher::Execute(unsigned short, SfxCallMode, SfxPoolItem const**, unsigned short, SfxPoolItem const**) (dispatch.cxx:970) ==12226== by 0x8FE543A: SfxCommonTemplateDialog_Impl::Execute_Impl(unsigned short, rtl::OUString const&, rtl::OUString const&, unsigned short, unsigned short, unsigned short*, unsigned short const*) (templdlg.cxx:1609) ==12226== by 0x8FE6E8A: SfxCommonTemplateDialog_Impl::NewHdl(void*) (templdlg.cxx:1888) ==12226== by 0x8FE8656: SfxCommonTemplateDialog_Impl::MenuSelectAsyncHdl(void*) (templdlg.cxx:2148) ==12226== by 0x8FE85FC: SfxCommonTemplateDialog_Impl::LinkStubMenuSelectAsyncHdl(void*, void*) (templdlg.cxx:2145) ==12226== by 0xD1EADAA: Link<void*, void>::Call(void*) const (link.hxx:84) ==12226== by 0xD1E7C59: ImplHandleUserEvent(ImplSVEvent*) (winproc.cxx:1960) ==12226== by 0xD1E961E: ImplWindowFrameProc(vcl::Window*, unsigned short, void const*) (winproc.cxx:2528) ==12226== by 0xD731984: SalFrame::CallCallback(unsigned short, void const*) const (salframe.hxx:269) ==12226== by 0xD741848: SalGenericDisplay::DispatchInternalEvent() (gendisp.cxx:86) ==12226== by 0x28BAE543: GtkData::userEventFn(void*) (gtk3gtkdata.cxx:809) ==12226== by 0x28BAE5D0: call_userEventFn (gtk3gtkdata.cxx:819) ==12226== by 0x15206E39: g_main_dispatch (gmain.c:3154) ==12226== by 0x15206E39: g_main_context_dispatch (gmain.c:3769) ==12226== by 0x152071CF: g_main_context_iterate.isra.29 (gmain.c:3840) ==12226== by 0x1520727B: g_main_context_iteration (gmain.c:3901) ==12226== by 0x28BAD3E1: GtkData::Yield(bool, bool) (gtk3gtkdata.cxx:467) ==12226== by 0x28BB0672: GtkInstance::DoYield(bool, bool, unsigned long) (gtkinst.cxx:407) ==12226== by 0xD5F0BAC: ImplYield(bool, bool, unsigned long) (svapp.cxx:509) ==12226== by 0xD5EC9D3: Application::Yield() (svapp.cxx:551) ==12226== by 0xD5EC84D: Application::Execute() (svapp.cxx:471) ==12226== by 0x5110852: desktop::Desktop::DoExecute() (app.cxx:1332) ==12226== by 0x5111A13: desktop::Desktop::Main() (app.cxx:1657) ==12226== by 0xD5FB313: ImplSVMain() (svmain.cxx:167) ==12226== by 0xD5FB455: SVMain() (svmain.cxx:204) ==12226== by 0x51620D7: soffice_main (sofficemain.cxx:135) ==12226== by 0x40095D: sal_main (main.c:48) ==12226== by 0x400943: main (main.c:47) ==12226== Block was alloc'd at ==12226== at 0x4C29326: operator new(unsigned long) (vg_replace_malloc.c:334) ==12226== by 0x3CB04DBE: sw::DocumentListsManager::createList(rtl::OUString const&, rtl::OUString const&) (DocumentListsManager.cxx:56) ==12226== by 0x3CB05126: sw::DocumentListsManager::createListForListStyle(rtl::OUString const&) (DocumentListsManager.cxx:112) ==12226== by 0x3CAA97E1: SwDoc::AddNumRule(SwNumRule*) (docnum.cxx:2142) ==12226== by 0x3CAA9A13: SwDoc::MakeNumRule(rtl::OUString const&, SwNumRule const*, bool, SvxNumberFormat::SvxNumPositionAndSpaceMode) (docnum.cxx:2174) ==12226== by 0x3D4FE391: SwDocStyleSheet::Create() (docstyle.cxx:2018) ==12226== by 0x3D4FF2C3: SwDocStyleSheetPool::Make(rtl::OUString const&, SfxStyleFamily, unsigned short) (docstyle.cxx:2300) ==12226== by 0x3D4F2945: SwDocShell::Edit(rtl::OUString const&, rtl::OUString const&, unsigned short, unsigned short, bool, rtl::OString const&, SwWrtShell*, bool) (docst.cxx:647) ==12226== by 0x3D4F10DE: SwDocShell::ExecStyleSheet(SfxRequest&) (docst.cxx:298) ==12226== by 0x3D4D7AC7: SfxStubSwDocShellExecStyleSheet(SfxShell*, SfxRequest&) (swslots.hxx:1351) ==12226== by 0x8E96FEB: SfxShell::CallExec(void (*)(SfxShell*, SfxRequest&), SfxRequest&) (shell.hxx:204) ==12226== by 0x8E8DFD1: SfxDispatcher::Call_Impl(SfxShell&, SfxSlot const&, SfxRequest&, bool) (dispatch.cxx:262) ==12226== by 0x8E90F1F: SfxDispatcher::_Execute(SfxShell&, SfxSlot const&, SfxRequest&, SfxCallMode) (dispatch.cxx:852) ==12226== by 0x8E91679: SfxDispatcher::Execute(unsigned short, SfxCallMode, SfxPoolItem const**, unsigned short, SfxPoolItem const**) (dispatch.cxx:970) ==12226== by 0x8FE543A: SfxCommonTemplateDialog_Impl::Execute_Impl(unsigned short, rtl::OUString const&, rtl::OUString const&, unsigned short, unsigned short, unsigned short*, unsigned short const*) (templdlg.cxx:1609) ==12226== by 0x8FE6E8A: SfxCommonTemplateDialog_Impl::NewHdl(void*) (templdlg.cxx:1888) ==12226== by 0x8FE8656: SfxCommonTemplateDialog_Impl::MenuSelectAsyncHdl(void*) (templdlg.cxx:2148) ==12226== by 0x8FE85FC: SfxCommonTemplateDialog_Impl::LinkStubMenuSelectAsyncHdl(void*, void*) (templdlg.cxx:2145) ==12226== by 0xD1EADAA: Link<void*, void>::Call(void*) const (link.hxx:84) ==12226== by 0xD1E7C59: ImplHandleUserEvent(ImplSVEvent*) (winproc.cxx:1960) ==12226== by 0xD1E961E: ImplWindowFrameProc(vcl::Window*, unsigned short, void const*) (winproc.cxx:2528) ==12226== by 0xD731984: SalFrame::CallCallback(unsigned short, void const*) const (salframe.hxx:269) ==12226== by 0xD741848: SalGenericDisplay::DispatchInternalEvent() (gendisp.cxx:86) ==12226== by 0x28BAE543: GtkData::userEventFn(void*) (gtk3gtkdata.cxx:809) ==12226== by 0x28BAE5D0: call_userEventFn (gtk3gtkdata.cxx:819) ==12226== by 0x15206E39: g_main_dispatch (gmain.c:3154) ==12226== by 0x15206E39: g_main_context_dispatch (gmain.c:3769) ==12226== by 0x152071CF: g_main_context_iterate.isra.29 (gmain.c:3840) ==12226== by 0x1520727B: g_main_context_iteration (gmain.c:3901) ==12226== by 0x28BAD3E1: GtkData::Yield(bool, bool) (gtk3gtkdata.cxx:467) ==12226== by 0x28BB0672: GtkInstance::DoYield(bool, bool, unsigned long) (gtkinst.cxx:407) ==12226== by 0xD5F0BAC: ImplYield(bool, bool, unsigned long) (svapp.cxx:509) ==12226== by 0xD5EC9D3: Application::Yield() (svapp.cxx:551) ==12226== by 0xD5EC84D: Application::Execute() (svapp.cxx:471) ==12226== by 0x5110852: desktop::Desktop::DoExecute() (app.cxx:1332) ==12226== by 0x5111A13: desktop::Desktop::Main() (app.cxx:1657) ==12226== by 0xD5FB313: ImplSVMain() (svmain.cxx:167) ==12226== by 0xD5FB455: SVMain() (svmain.cxx:204) ==12226== by 0x51620D7: soffice_main (sofficemain.cxx:135) ==12226== by 0x40095D: sal_main (main.c:48) ==12226== by 0x400943: main (main.c:47) ==12226== the code in SwWrtShell::Edit was last changed by: commit 39f306df1d5f8daa4747f1e3b26e853c001669f5 Author: Caolán McNamara <[email protected]> AuthorDate: Fri Apr 3 11:19:10 2015 +0100 Resolves: tdf#90099 group new style and change style together as one undo let's see if reverting that gets rid of the valgrind warning... no, get the same warning, so it's even older than that... 4.3.7.2 does not produce the valgrind warning... well no idea what caused this regression but i think i have fixed the problem on master. -- You are receiving this mail because: You are the assignee for the bug.
_______________________________________________ Libreoffice-bugs mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs
