OSX uiwriter stacktrace needed
Stephan Bergmann
sbergman at redhat.com
Tue Jun 9 07:00:31 PDT 2015
...
> ==15622==ERROR: AddressSanitizer: heap-use-after-free on address 0x604000629690 at pc 0x2b4bec6e1e2f bp 0x7fff96f22930 sp 0x7fff96f22928
> READ of size 8 at 0x604000629690 thread T0
> #0 0x2b4bec6e1e2e in BigPtrEntry::GetArray() const sw/inc/bparr.hxx:103:21
> #1 0x2b4bec6e17d6 in SwNode::GetNodes() sw/inc/node.hxx:703:34
> #2 0x2b4bec6a526d in SwNodeIndex::~SwNodeIndex() sw/inc/ndindex.hxx:83:28
> #3 0x2b4bec69eb0a in SwUiWriterTest::testUnoCursorPointer() sw/qa/extras/uiwriter/uiwriter.cxx:1045:1
> #4 0x2b4bec787d4f in CppUnit::TestCaller<SwUiWriterTest>::runTest() workdir/UnpackedTarball/cppunit/include/cppunit/TestCaller.h:166:6
> #5 0x2b4bae30775d in CppUnit::TestCaseMethodFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/TestCase.cpp:32:5
> #6 0x2b4bc6319816 in (anonymous namespace)::Protector::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) test/source/vclbootstrapprotector.cxx:57:14
> #7 0x2b4bae2c34b7 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:12
> #8 0x2b4bbd74e126 in (anonymous namespace)::Prot::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) unotest/source/cpp/unobootstrapprotector/unobootstrapprotector.cxx:88:12
> #9 0x2b4bae2c34b7 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:12
> #10 0x2b4bb9ad5e54 in (anonymous namespace)::Prot::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) unotest/source/cpp/unoexceptionprotector/unoexceptionprotector.cxx:63:16
> #11 0x2b4bae2c34b7 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:12
> #12 0x2b4bae24c70c in CppUnit::DefaultProtector::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) workdir/UnpackedTarball/cppunit/src/cppunit/DefaultProtector.cpp:15:12
> #13 0x2b4bae2c34b7 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:12
> #14 0x2b4bae2bf475 in CppUnit::ProtectorChain::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:77:18
> #15 0x2b4bae387ed5 in CppUnit::TestResult::protect(CppUnit::Functor const&, CppUnit::Test*, std::string const&) workdir/UnpackedTarball/cppunit/src/cppunit/TestResult.cpp:181:10
> #16 0x2b4bae3042b6 in CppUnit::TestCase::run(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestCase.cpp:91:5
> #17 0x2b4bae30acf3 in CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestComposite.cpp:64:5
> #18 0x2b4bae309c5d in CppUnit::TestComposite::run(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestComposite.cpp:23:3
> #19 0x2b4bae30acf3 in CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestComposite.cpp:64:5
> #20 0x2b4bae309c5d in CppUnit::TestComposite::run(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestComposite.cpp:23:3
> #21 0x2b4bae3c6ad6 in CppUnit::TestRunner::WrappingSuite::run(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestRunner.cpp:47:5
> #22 0x2b4bae385d59 in CppUnit::TestResult::runTest(CppUnit::Test*) workdir/UnpackedTarball/cppunit/src/cppunit/TestResult.cpp:148:3
> #23 0x2b4bae3c8096 in CppUnit::TestRunner::run(CppUnit::TestResult&, std::string const&) workdir/UnpackedTarball/cppunit/src/cppunit/TestRunner.cpp:96:3
> #24 0x4ff258 in (anonymous namespace)::ProtectedFixtureFunctor::run() const sal/cppunittester/cppunittester.cxx:276:13
> #25 0x4fa0dd in sal_main() sal/cppunittester/cppunittester.cxx:379:14
> #26 0x4f8312 in main sal/cppunittester/cppunittester.cxx:297:1
> #27 0x2b4baff05fdf in __libc_start_main (/lib64/libc.so.6+0x1ffdf)
> #28 0x42e604 in _start (workdir/LinkTarget/Executable/cppunittester+0x42e604)
>
> 0x604000629690 is located 0 bytes inside of 40-byte region [0x604000629690,0x6040006296b8)
> freed by thread T0 here:
> #0 0x4f6170 in operator delete(void*) /home/sbergman/clang/trunk/src/projects/compiler-rt/lib/asan/asan_new_delete.cc:94
> #1 0x2b4c0ecffa18 in BigPtrArray::~BigPtrArray() sw/source/core/bastyp/bparr.cxx:64:13
> #2 0x2b4c10cd0b68 in SwNodes::~SwNodes() sw/source/core/docnode/nodes.cxx:115:1
> #3 0x2b4c0fc6dd6f in void boost::checked_delete<SwNodes>(SwNodes*) workdir/UnpackedTarball/boost/boost/checked_delete.hpp:34:5
> #4 0x2b4c0fc1ffe0 in boost::scoped_ptr<SwNodes>::~scoped_ptr() workdir/UnpackedTarball/boost/boost/smart_ptr/scoped_ptr.hpp:87:9
> #5 0x2b4c0fbe8d02 in SwDoc::~SwDoc() sw/source/core/doc/docnew.cxx:593:1
> #6 0x2b4c0fbeaaff in SwDoc::~SwDoc() sw/source/core/doc/docnew.cxx:385:1
> #7 0x2b4c15bd9890 in SwDocShell::RemoveLink() sw/source/uibase/app/docshini.cxx:466:13
> #8 0x2b4c15bd7276 in SwDocShell::~SwDocShell() sw/source/uibase/app/docshini.cxx:388:5
> #9 0x2b4c15bd9c26 in SwDocShell::~SwDocShell() sw/source/uibase/app/docshini.cxx:378:1
> #10 0x2b4c15bda05f in SwDocShell::~SwDocShell() sw/source/uibase/app/docshini.cxx:378:1
> #11 0x2b4c15bda1a6 in virtual thunk to SwDocShell::~SwDocShell() sw/source/uibase/app/docshini.cxx:377:13
> #12 0x2b4bf2203a77 in SvRefBase::ReleaseRef() include/tools/ref.hxx:196:29
> #13 0x2b4bf21f5628 in tools::SvRef<SfxObjectShell>::~SvRef() include/tools/ref.hxx:52:24
> #14 0x2b4bf43c255e in IMPL_SfxBaseModel_DataContainer::~IMPL_SfxBaseModel_DataContainer() sfx2/source/doc/sfxbasemodel.cxx:247:5
> #15 0x2b4bf43c276f in IMPL_SfxBaseModel_DataContainer::~IMPL_SfxBaseModel_DataContainer() sfx2/source/doc/sfxbasemodel.cxx:246:5
> #16 0x2b4bf42ac396 in SfxBaseModel::dispose() sfx2/source/doc/sfxbasemodel.cxx:795:5
> #17 0x2b4c1733b561 in SwXTextDocument::dispose() sw/source/uibase/uno/unotxdoc.cxx:588:5
> #18 0x2b4c1733b5db in non-virtual thunk to SwXTextDocument::dispose() sw/source/uibase/uno/unotxdoc.cxx:586:23
> #19 0x2b4bf42d1a1c in SfxBaseModel::close(unsigned char) sfx2/source/doc/sfxbasemodel.cxx:1418:5
> #20 0x2b4c1733beda in SwXTextDocument::close(unsigned char) sw/source/uibase/uno/unotxdoc.cxx:596:5
> #21 0x2b4c1733c295 in non-virtual thunk to SwXTextDocument::close(unsigned char) sw/source/uibase/uno/unotxdoc.cxx:591:23
> #22 0x2b4bf42a8f03 in SfxBaseModel::dispose() sfx2/source/doc/sfxbasemodel.cxx:754:13
> #23 0x2b4c1733b561 in SwXTextDocument::dispose() sw/source/uibase/uno/unotxdoc.cxx:588:5
> #24 0x2b4c1733b5b8 in non-virtual thunk to SwXTextDocument::dispose() sw/source/uibase/uno/unotxdoc.cxx:586:23
> #25 0x2b4bec69de41 in SwUiWriterTest::testUnoCursorPointer() sw/qa/extras/uiwriter/uiwriter.cxx:1043:5
> #26 0x2b4bec787d4f in CppUnit::TestCaller<SwUiWriterTest>::runTest() workdir/UnpackedTarball/cppunit/include/cppunit/TestCaller.h:166:6
> #27 0x2b4bae30775d in CppUnit::TestCaseMethodFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/TestCase.cpp:32:5
> #28 0x2b4bc6319816 in (anonymous namespace)::Protector::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) test/source/vclbootstrapprotector.cxx:57:14
> #29 0x2b4bae2c34b7 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:12
>
> previously allocated by thread T0 here:
> #0 0x4f5b70 in operator new(unsigned long) /home/sbergman/clang/trunk/src/projects/compiler-rt/lib/asan/asan_new_delete.cc:62
> #1 0x2b4c0ed0a127 in BigPtrArray::InsBlock(unsigned short) sw/source/core/bastyp/bparr.cxx:176:20
> #2 0x2b4c0ed02148 in BigPtrArray::Insert(BigPtrEntry* const&, unsigned long) sw/source/core/bastyp/bparr.cxx:215:13
> #3 0x2b4c10d2ece4 in SwNodes::InsertNode(SwNode*, unsigned long) sw/source/core/docnode/nodes.cxx:2319:5
> #4 0x2b4c10c6f802 in SwStartNode::SwStartNode(SwNodes&, unsigned long) sw/source/core/docnode/node.cxx:899:9
> #5 0x2b4c10cce59c in SwNodes::SwNodes(SwDoc*) sw/source/core/docnode/nodes.cxx:69:31
> #6 0x2b4c0fbc5aeb in SwDoc::SwDoc() sw/source/core/doc/docnew.cxx:204:21
> #7 0x2b4c14cf0e41 in SwDocFac::GetDoc() sw/source/filter/basflt/docfact.cxx:46:20
> #8 0x2b4c15bc8939 in SwDocShell::AddLink() sw/source/uibase/app/docshini.cxx:417:18
> #9 0x2b4c15bdd2b5 in SwDocShell::Load(SfxMedium&) sw/source/uibase/app/docshini.cxx:493:9
> #10 0x2b4bf40730de in SfxObjectShell::LoadOwnFormat(SfxMedium&) sfx2/source/doc/objstor.cxx:3067:20
> #11 0x2b4bf407b66e in SfxObjectShell::DoLoad(SfxMedium*) sfx2/source/doc/objstor.cxx:724:40
> #12 0x2b4bf4305b53 in SfxBaseModel::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) sfx2/source/doc/sfxbasemodel.cxx:1859:11
> #13 0x2b4bf430e6ce in non-virtual thunk to SfxBaseModel::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) sfx2/source/doc/sfxbasemodel.cxx:1810:29
> #14 0x2b4bf4b37537 in (anonymous namespace)::SfxFrameLoader_Impl::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&) sfx2/source/view/frmload.cxx:703:17
> #15 0x2b4bf4b3a723 in non-virtual thunk to (anonymous namespace)::SfxFrameLoader_Impl::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&) sfx2/source/view/frmload.cxx:615:40
> #16 0x2b4c4f52db08 in framework::LoadEnv::impl_loadContent() framework/source/loadenv/loadenv.cxx:1122:24
> #17 0x2b4c4f51287a in framework::LoadEnv::startLoading() framework/source/loadenv/loadenv.cxx:383:20
> #18 0x2b4c4f50a8f3 in framework::LoadEnv::loadComponentFromURL(com::sun::star::uno::Reference<com::sun::star::frame::XComponentLoader> const&, com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext> const&, rtl::OUString const&, rtl::OUString const&, int, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) framework/source/loadenv/loadenv.cxx:164:9
> #19 0x2b4c4f70d7f4 in framework::Desktop::loadComponentFromURL(rtl::OUString const&, rtl::OUString const&, int, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) framework/source/services/desktop.cxx:566:12
> #20 0x2b4c4f70daea in non-virtual thunk to framework::Desktop::loadComponentFromURL(rtl::OUString const&, rtl::OUString const&, int, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) framework/source/services/desktop.cxx:552:64
> #21 0x2b4c1fcc1805 in unotest::MacrosTest::loadFromDesktop(rtl::OUString const&, rtl::OUString const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) unotest/source/cpp/macros_test.cxx:50:51
> #22 0x2b4bec69baf8 in SwUiWriterTest::testUnoCursorPointer() sw/qa/extras/uiwriter/uiwriter.cxx:1031:24
> #23 0x2b4bec787d4f in CppUnit::TestCaller<SwUiWriterTest>::runTest() workdir/UnpackedTarball/cppunit/include/cppunit/TestCaller.h:166:6
> #24 0x2b4bae30775d in CppUnit::TestCaseMethodFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/TestCase.cpp:32:5
> #25 0x2b4bc6319816 in (anonymous namespace)::Protector::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) test/source/vclbootstrapprotector.cxx:57:14
> #26 0x2b4bae2c34b7 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:12
> #27 0x2b4bbd74e126 in (anonymous namespace)::Prot::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) unotest/source/cpp/unobootstrapprotector/unobootstrapprotector.cxx:88:12
> #28 0x2b4bae2c34b7 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:12
> #29 0x2b4bb9ad5e54 in (anonymous namespace)::Prot::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) unotest/source/cpp/unoexceptionprotector/unoexceptionprotector.cxx:63:16
>
> SUMMARY: AddressSanitizer: heap-use-after-free sw/inc/bparr.hxx:103:21 in BigPtrEntry::GetArray() const
> Shadow bytes around the buggy address:
> 0x0c08800bd280: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
> 0x0c08800bd290: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
> 0x0c08800bd2a0: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
> 0x0c08800bd2b0: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fd
> 0x0c08800bd2c0: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
> =>0x0c08800bd2d0: fa fa[fd]fd fd fd fd fa fa fa fd fd fd fd fd fa
> 0x0c08800bd2e0: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
> 0x0c08800bd2f0: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
> 0x0c08800bd300: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
> 0x0c08800bd310: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
> 0x0c08800bd320: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
> Shadow byte legend (one shadow byte represents 8 application bytes):
> Addressable: 00
> Partially addressable: 01 02 03 04 05 06 07
> Heap left redzone: fa
> Heap right redzone: fb
> Freed heap region: fd
> Stack left redzone: f1
> Stack mid redzone: f2
> Stack right redzone: f3
> Stack partial redzone: f4
> Stack after return: f5
> Stack use after scope: f8
> Global redzone: f9
> Global init order: f6
> Poisoned by user: f7
> Container overflow: fc
> Array cookie: ac
> Intra object redzone: bb
> ASan internal: fe
> Left alloca redzone: ca
> Right alloca redzone: cb
> ==15622==ABORTING
>
> Error: a unit test failed, please do one of:
>
> export DEBUGCPPUNIT=TRUE # for exception catching
> export CPPUNITTRACE="gdb --args" # for interactive debugging on Linux
> export VALGRIND=memcheck # for memory checking
>
> and retry using: make CppunitTest_sw_uiwriter
More information about the LibreOffice
mailing list