Re: [Libreoffice] Crash in master: Sum button in sc

Soeren Moeller <soerenmoeller2001 -AT- gmail.com>
Wed, 26 Jan 2011 23:59:43 +0100

Thanks for the answer. I now used gdb to locate the segfault, and
found it to happen when ScViewFunc called ScRangeList.front() with an
empty range list, which resulted in a segfault while trying to
retrieve the first element of the list. I have prepared the attached
patch, adding a check for empty list in ScViewFunc. (As it here
opposed to ScRangeList, was possible to check that not returning an
element was handled ok.) This removes the crash, and the sum button
seems to work fine again. Although it maybe still would make sense to
check the other uses of ScRangeList.front() for similar problems, I
will try to look into this later on, but this patch shoul at least
make this use safe.

Regards
Sören Möller
(LGPLv3+ / MPL)


2011/1/26 Kohei Yoshida <kyoshida@novell.com>:

Hi Soeren,

On Tue, 2011-01-25 at 23:13 +0100, Soeren Moeller wrote:

Hi

I just noticed a bug in master (pull about 1h ago):
When I in calc press the sum button (shaped like a sigma), then calc
crashes instantly and without any message. This seems to happen only
when calc doesn't guess a sum area by itself. (E.g. if there are
numbers in the cells above the marked cell, calc suggest those cells
as a sum area, and it works fine, but if there are no cells with
numbers nearby it crashes). Using the sum function through the
Function Wizard works fine, though.


Well, I'm not surprised; after all it's master where things are fairly
unstable, and crashes are common occurrences. :-)

Having said that, it's good to catch these nasty crashes early, and I'm
glad you brought this issue to light.

Are you familiar with getting stack traces with gdb?  That would be the
first step when investigating a crash.  To get a meaningful stack trace
you need to re-build the sc module with debug symbol compiled in.

http://wiki.documentfoundation.org/Development/Native_Build#Partial_debug_build

Once done, start Calc, attach gdb, reproduce the crash and get a
backtrace in gdb.  That will give you the location of the crash from
which you can sniff around the code to see what's going wrong.

I'm just getting used to the codebase, so it would be nice if someone
who is more into it would take a look, and check if the error can be
reproduced by others. I can reproduce it even after a "make clean; ./g
pull; make; make dev-install".


Yup, this is perfectly reproducible.

Anyway, it would be great if you could get a backtrace output from gdb
to see where the crash occurs.

Let me know if you need additional help.

Best,

Kohei

--
Kohei Yoshida, LibreOffice hacker, Calc
<kyoshida@novell.com>

From cc930a1a9ee473bc6b827f5456bf33126b728cc3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=B6ren=20M=C3=B6ller?= <soerenmoeller2001@gmail.com>
Date: Wed, 26 Jan 2011 23:48:33 +0100
Subject: [PATCH] Added check for empty rRangeList in ScViewFunc

This fixes a crash, which occured when the sum function was called, without
beeing able to generate an automatic range.
---
 sc/source/ui/view/viewfun2.cxx |   24 +++++++++++++-----------
 1 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/sc/source/ui/view/viewfun2.cxx b/sc/source/ui/view/viewfun2.cxx
index 99a5c9c..34e7694 100644
--- a/sc/source/ui/view/viewfun2.cxx
+++ b/sc/source/ui/view/viewfun2.cxx
@@ -744,17 +744,19 @@ String ScViewFunc::GetAutoSumFormula( const ScRangeList& rRangeList, bool 
bSubTo
         pArray->AddOpCode(ocSep);
     }
 
-    ScRangeList aRangeList = rRangeList;
-    const ScRange* pFirst = aRangeList.front();
-    size_t ListSize = aRangeList.size();
-    for ( size_t i = 0; i < ListSize; ++i )
-    {
-        const ScRange* p = aRangeList[i];
-        if (p != pFirst)
-            pArray->AddOpCode(ocSep);
-        ScComplexRefData aRef;
-        aRef.InitRangeRel(*p, rAddr);
-        pArray->AddDoubleReference(aRef);
+    if(!rRangeList.empty()){
+        ScRangeList aRangeList = rRangeList;
+        const ScRange* pFirst = aRangeList.front();
+        size_t ListSize = aRangeList.size();
+        for ( size_t i = 0; i < ListSize; ++i )
+        {
+            const ScRange* p = aRangeList[i];
+            if (p != pFirst)
+                pArray->AddOpCode(ocSep);
+            ScComplexRefData aRef;
+            aRef.InitRangeRel(*p, rAddr);
+            pArray->AddDoubleReference(aRef);
+        }
     }
 
     pArray->AddOpCode(ocClose);
-- 
1.7.0.4

Context

[Libreoffice] Crash in master: Sum button in sc · Soeren Moeller
- Re: [Libreoffice] Crash in master: Sum button in sc · Kohei Yoshida
  - Re: [Libreoffice] Crash in master: Sum button in sc · Soeren Moeller
    - Re: [Libreoffice] [PUSHED] Crash in master: Sum button in sc · Kohei Yoshida
    - [Libreoffice] How do I update my download? · Ron House
      - Re: [Libreoffice] How do I update my download? · David Dumaresq
      - Re: [Libreoffice] How do I update my download? · Norbert Thiebaud
        
        Re: [Libreoffice] How do I update my download? · Ron House
        
        Re: [Libreoffice] How do I update my download? · Norbert Thiebaud
        
        Re: [Libreoffice] How do I update my download? · Ron House
        [Libreoffice] Need help with compile error. Was: How do I update my download? · Ron House
        Re: [Libreoffice] Need help with compile error. Was: How do I update my download? · Francois Tigeot

Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.