[Libreoffice-bugs] [Bug 137139] Crashes in Kubuntu with 6.4.6: ScSelectionTransferObj:com::sun::star::uno::Reference:Qt5MimeData

Wed Sep 30 11:23:27 UTC 2020

https://bugs.documentfoundation.org/show_bug.cgi?id=137139

--- Comment #3 from Jan-Marek Glogowski <glogow at fbihome.de> ---
No. (In reply to Michael Weghorn from comment #2)
> The only relatively recent commit related to QMimeData handling (i.e. mostly
> copy & paste and drag'n'drop) is the fix for tdf#131533, but that fix is in
> 6.4.4 already.
> 
> @jmux: Any ideas?

We know the fix for tdf#131533 is rather fishy and more of a workaround, then a
real fix. But if we have the same backtraces before 6.4.4 (and I checked that
libreoffice_6.3.3-0ubuntu1.debian.tar.xz doesn't carry that fix), we can - kind
of - rule that out. Also all the backtraces just indicate Calc
(ScSelectionTransferObj), not any other LO modules (at least Writer), which is
strange. Maybe an active selection in Calc is just more common on shutdown,
then in other applications? OTOH a copy in Calc keeps the selection, even if
you move the "cursor rectangle". There is also nothing suspicious new on
https://crashreport.libreoffice.org/stats/version/6.4.6.2

And the only "fix" in vcl/qt5 between 6.4.2 and 6.4.3 is commit
1000169ebca79478a05b4c23e760d99bd77e739e ("Qt5 unify font attribute
conversions"), which I would also rule out as the origin of any bug (famous
last words).

There is also no other fix in vcl/ or sc/ since commit
cbac26c52ccbe59c51c6631cb8c4b0a314a9848a / 6.4.0, which looks suspicious at all
w.r.t. the backtrace at a first glance. And the whole lazy clipboard stuff was
already in 6.3. And your fix for tdf#129809 was already in 6.4.2.

Still nothing would explain the current peak, I can see in
https://errors.ubuntu.com since
https://errors.ubuntu.com/?release=Ubuntu%2020.04&package=libreoffice-core&from=2020-08-24&to=2020-09-25,
which matches the publishing date from
https://launchpad.net/ubuntu/+source/libreoffice/1:6.4.6-0ubuntu0.20.04.1 .

So I checked the diff of the 6.4.6 fix range for sc and interestingly it
contains commit 8718d243edc9400b0e0131b096702af8d33df327 (rhbz#1847031
null-deref), which fixes a null-deref in ~ScTransferOb. That should really just
fix a bug, not cause one, but eventually this just papers-over some real bug in
the other fixes, which now hits Qt in some way. Because ScTransferObj is part
of libsclo, which can't exists with "pScMod == nullptr".

$ git log --pretty=oneline
f2e448175cee92fc695413e7281223e9f23e30ee~1..origin/libreoffice-6-4-6 | wc -l
123

Now I really would like to have a reproducer, which eventually should also
happen on master... and tdf#130559 is the only additional thing in sc that
looks strange, but that's just 17 out of the 123 patches.

Someone from Kubuntu could "mine" the crash reports, if there is anything
reproducible in it. And I have to get the RHEL bug report from someone (Caolan,
eventually).

So while I first suspected something non-LO, it now smells like a LO bug,
independent of VCL, evetually.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/libreoffice-bugs/attachments/20200930/2fedcf4e/attachment-0001.htm>