Bug 282035

Summary: Calligra Tables crash when trying to switch columns
Product: [Applications] calligrasheets Reporter: Neofytos Kolokotronis <neofytosk>
Component: generalAssignee: Calligra Sheets (KSpread) Bugs <calligra-sheets-bugs-null>
Status: RESOLVED FIXED    
Severity: crash CC: inge, sebsauer
Priority: NOR    
Version: 2.4-snapshots   
Target Milestone: ---   
Platform: unspecified   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:
Attachments: The file I was working on when I got the crash

Description Neofytos Kolokotronis 2011-09-14 18:20:17 UTC
Application: calligratables (2.4 Beta 1)
KDE Platform Version: 4.7.1 (4.7.1)
Qt Version: 4.7.4
Operating System: Linux 3.0-CHAKRA x86_64
Distribution: "Chakra Linux"

-- Information about the crash:
- What I was doing when the application crashed:
Working on a file, which I can attach if needed. I was trying to switch positions between columns B and C.

-- Backtrace:
Application: Tables (kdeinit4), signal: Segmentation fault
[Current thread is 1 (Thread 0x7f660dea1760 (LWP 9471))]

Thread 2 (Thread 0x7f65e6f9a700 (LWP 9480)):
#0  0x00007f660c7605ce in __pthread_mutex_unlock_usercnt () from /lib/libpthread.so.0
#1  0x00007f6608596f78 in ?? () from /usr/lib/libglib-2.0.so.0
#2  0x00007f66085974bd in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#3  0x00007f660cafaeae in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#4  0x00007f660cacf082 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#5  0x00007f660cacf2c4 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#6  0x00007f660c9e45e4 in QThread::exec() () from /usr/lib/libQtCore.so.4
#7  0x00007f660cab0a98 in ?? () from /usr/lib/libQtCore.so.4
#8  0x00007f660c9e6e55 in ?? () from /usr/lib/libQtCore.so.4
#9  0x00007f660c75cc80 in start_thread () from /lib/libpthread.so.0
#10 0x00007f660b54898d in clone () from /lib/libc.so.6
#11 0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f660dea1760 (LWP 9471)):
[KCrash Handler]
#6  0x00007f65f2512663 in Calligra::Tables::ColumnFormat::visibleWidth() const () from /usr/lib/libcalligratablesodf.so.8
#7  0x00007f65f25221a4 in Calligra::Tables::Sheet::leftColumn(double, double&) const () from /usr/lib/libcalligratablesodf.so.8
#8  0x00007f65f2934d04 in Calligra::Tables::CanvasBase::showToolTip(QPoint const&) () from /usr/lib/libcalligratablescommon.so.8
#9  0x00007f65f2935a99 in Calligra::Tables::CanvasBase::eventFilter(QObject*, QEvent*) () from /usr/lib/libcalligratablescommon.so.8
#10 0x00007f660cacfe57 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) () from /usr/lib/libQtCore.so.4
#11 0x00007f660bc979a1 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#12 0x00007f660bc9cf66 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#13 0x00007f660d8890f6 in KApplication::notify(QObject*, QEvent*) () from /usr/lib/libkdeui.so.5
#14 0x00007f660cacfccc in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/libQtCore.so.4
#15 0x00007f660bc9a35f in QApplication::event(QEvent*) () from /usr/lib/libQtGui.so.4
#16 0x00007f660bc979d4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#17 0x00007f660bc9c57a in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#18 0x00007f660d8890f6 in KApplication::notify(QObject*, QEvent*) () from /usr/lib/libkdeui.so.5
#19 0x00007f660cacfccc in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/libQtCore.so.4
#20 0x00007f660cafd98e in ?? () from /usr/lib/libQtCore.so.4
#21 0x00007f660cafa768 in ?? () from /usr/lib/libQtCore.so.4
#22 0x00007f6608596a43 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#23 0x00007f6608597220 in ?? () from /usr/lib/libglib-2.0.so.0
#24 0x00007f66085974bd in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#25 0x00007f660cafae56 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#26 0x00007f660bd3d08e in ?? () from /usr/lib/libQtGui.so.4
#27 0x00007f660cacf082 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#28 0x00007f660cacf2c4 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#29 0x00007f660cad379f in QCoreApplication::exec() () from /usr/lib/libQtCore.so.4
#30 0x00007f65faf5f565 in kdemain () from /usr/lib/libkdeinit4_calligratables.so
#31 0x0000000000407283 in _start ()

Reported using DrKonqi
Comment 1 Neofytos Kolokotronis 2011-09-14 18:25:34 UTC
forgot to mention that this file was initially created with LibreOffice Writer, dont know if that's related.
Comment 2 Sebastian Sauer 2011-09-15 12:16:44 UTC
Hi tetris4,

lot of thanks for the report! Can you please attach the document or, if not possible, mail it to me ( sebsauer@kdab.com )? That would help us to reproduce the crash, fix it and verify that the fix really solves the crash. Lot of thanks in advance!
Comment 3 Neofytos Kolokotronis 2011-09-15 12:25:28 UTC
Created attachment 63662 [details]
The file I was working on when I got the crash 

Hope it helps! =)
Comment 4 Sebastian Sauer 2011-09-15 13:43:07 UTC
Seems I am not able to reproduce. Maybe that's a timing issue or something else was done before switching the columns (e.g. deleting or moving a column?).

From looking at the code it seems the only case where a crash could happen is if we deal with a dangling ColumnFormat pointer...
Comment 5 Neofytos Kolokotronis 2011-09-15 19:34:51 UTC
I was trying to switch the columns by drag and drop but didn't work. So it is possible that before that I had tried doing a cut/paste/delete action with the columns.
Comment 6 Sebastian Sauer 2011-09-15 20:27:02 UTC
I did right-click on a column and choosed "delete column" and then did undo/redo and switch the selection multiple times and got following assert which maybe is related;

[KCrash Handler]
#6  0x00007f8174b3cab5 in raise () from /lib64/libc.so.6
#7  0x00007f8174b3dfb6 in abort () from /lib64/libc.so.6
#8  0x00007f8175af1e44 in qt_message_output (msgType=<value optimized out>, buf=<value optimized out>) at global/qglobal.cpp:2291
#9  0x00007f8175af200d in qt_message(QtMsgType, const char *, typedef __va_list_tag __va_list_tag *) (msgType=QtFatalMsg, msg=0x7f8175c43f68 "ASSERT: \"%s\" in file %s, line %d", ap=0x7fff97fb4c30) at global/qglobal.cpp:2337
#10 0x00007f8175af21a5 in qFatal (msg=<value optimized out>) at global/qglobal.cpp:2520
#11 0x00007f8175af21ea in qt_assert (assertion=0x6841 <Address 0x6841 out of bounds>, file=0x6 <Address 0x6 out of bounds>, line=-1) at global/qglobal.cpp:2036
#12 0x00007f81638358a1 in QVarLengthArray<double, 256>::operator[] (this=0x7fff97fb4d80, idx=0) at /usr/include/QtCore/qvarlengtharray.h:103
#13 0x00007f81638210ad in KoRTree<Calligra::Tables::Validity>::NonLeafNode::getLeastEnlargement (this=0x123d128, bb=...) at /home/snoopy/src/calligra/libs/flake/KoRTree.h:906
#14 0x00007f8163820c32 in KoRTree<Calligra::Tables::Validity>::NonLeafNode::chooseLeaf (this=0x123d128, bb=...) at /home/snoopy/src/calligra/libs/flake/KoRTree.h:839
#15 0x00007f81637f674e in KoRTree<Calligra::Tables::Validity>::insertHelper (this=0xb77aa0, bb=..., data=..., id=31) at /home/snoopy/src/calligra/libs/flake/KoRTree.h:378
#16 0x00007f81637eb143 in KoRTree<Calligra::Tables::Validity>::insert (this=0xb77aa0, bb=..., data=...) at /home/snoopy/src/calligra/libs/flake/KoRTree.h:354
#17 0x00007f81637d2ec1 in Calligra::Tables::RTree<Calligra::Tables::Validity>::insert (this=0xb77aa0, rect=..., data=...) at /home/snoopy/src/calligra/tables/RTree.h:401
#18 0x00007f81637b6b25 in Calligra::Tables::RectStorage<Calligra::Tables::Validity>::insert (this=0xb77a90, region=..., _data=...) at /home/snoopy/src/calligra/tables/RectStorage.h:323
#19 0x00007f81637a1c92 in Calligra::Tables::CellStorage::setValidity (this=0xa70cf0, region=..., validity=...) at /home/snoopy/src/calligra/tables/CellStorage.cpp:654
#20 0x00007f81638af243 in Calligra::Tables::SheetModel::setData (this=0xa8ef80, range=..., value=..., role=65536) at /home/snoopy/src/calligra/tables/SheetModel.cpp:280
#21 0x00007f816381a0fe in Calligra::Tables::RectStorageUndoCommand<Calligra::Tables::Validity>::undo (this=0x1345fe0) at /home/snoopy/src/calligra/tables/commands/RectStorageUndoCommand.h:83
#22 0x00007f8179eee207 in KUndo2Command::undo (this=0x1026760) at /home/snoopy/src/calligra/libs/kundo2/kundo2stack.cpp:228
#23 0x00007f8163c80595 in Calligra::Tables::InsertDeleteColumnManipulator::process (this=0x1026750, element=0xfa69a0) at /home/snoopy/src/calligra/tables/commands/RowColumnManipulators.cpp:613
#24 0x00007f8163c5ec5e in Calligra::Tables::AbstractRegionCommand::mainProcessing (this=0x1026750) at /home/snoopy/src/calligra/tables/commands/AbstractRegionCommand.cpp:168
#25 0x00007f8163c8096f in Calligra::Tables::InsertDeleteColumnManipulator::mainProcessing (this=0x1026750) at /home/snoopy/src/calligra/tables/commands/RowColumnManipulators.cpp:667
#26 0x00007f8163c5e6fe in Calligra::Tables::AbstractRegionCommand::redo (this=0x1026750) at /home/snoopy/src/calligra/tables/commands/AbstractRegionCommand.cpp:105
#27 0x00007f8163c5e888 in Calligra::Tables::AbstractRegionCommand::undo (this=0x1026750) at /home/snoopy/src/calligra/tables/commands/AbstractRegionCommand.cpp:126
#28 0x00007f8179eeee91 in KUndo2QStack::undo (this=0x96b870) at /home/snoopy/src/calligra/libs/kundo2/kundo2stack.cpp:676
#29 0x00007f8179eedacf in KUndo2QStack::qt_metacall (this=0x96b870, _c=QMetaObject::InvokeMetaMethod, _id=8, _a=0x7fff97fb5df0) at /home/snoopy/src/build/calligra/libs/kundo2/moc_kundo2stack.cpp:105
#30 0x00007f8175bf8e8f in QMetaObject::activate (sender=0xbbd2e0, m=<value optimized out>, local_signal_index=<value optimized out>, argv=0x7fff97fb5df0) at kernel/qobject.cpp:3287
#31 0x00007f817680fed2 in QAction::triggered (this=<value optimized out>, _t1=false) at .moc/release-shared/moc_qaction.cpp:263
#32 0x00007f81768100ca in QAction::activate (this=0xbbd2e0, event=<value optimized out>) at kernel/qaction.cpp:1257
#33 0x00007f8176bce79a in QAbstractButtonPrivate::click (this=0x103b870) at widgets/qabstractbutton.cpp:528
#34 0x00007f8176bcea4c in QAbstractButton::mouseReleaseEvent (this=0x12e00f0, e=0x7fff97fb6780) at widgets/qabstractbutton.cpp:1121
#35 0x00007f8176c8af8a in QToolButton::mouseReleaseEvent (this=<value optimized out>, e=<value optimized out>) at widgets/qtoolbutton.cpp:721
#36 0x00007f8176867e1c in QWidget::event (this=0x12e00f0, event=0x7fff97fb6780) at kernel/qwidget.cpp:8295
#37 0x00007f8176816264 in QApplicationPrivate::notify_helper (this=0x6e67f0, receiver=0x12e00f0, e=0x7fff97fb6780) at kernel/qapplication.cpp:4481
#38 0x00007f817681f09c in QApplication::notify (this=<value optimized out>, receiver=0x12e00f0, e=0x7fff97fb6780) at kernel/qapplication.cpp:4042
#39 0x00007f817752db76 in KApplication::notify(QObject*, QEvent*) () from /usr/lib64/libkdeui.so.5
#40 0x00007f8175be47cc in QCoreApplication::notifyInternal (this=0x7fff97fb7460, receiver=0x12e00f0, event=0x7fff97fb6780) at kernel/qcoreapplication.cpp:787
#41 0x00007f8176817275 in sendEvent (receiver=0x12e00f0, event=0x7fff97fb6780, alienWidget=0x12e00f0, nativeWidget=0x10543f0, buttonDown=0x7f81772ed198, lastMouseReceiver=..., spontaneous=true) at ../../src/corelib/kernel/qcoreapplication.h:215
#42 QApplicationPrivate::sendMouseEvent (receiver=0x12e00f0, event=0x7fff97fb6780, alienWidget=0x12e00f0, nativeWidget=0x10543f0, buttonDown=0x7f81772ed198, lastMouseReceiver=..., spontaneous=true) at kernel/qapplication.cpp:3141
#43 0x00007f8176895d28 in QETWidget::translateMouseEvent (this=0x10543f0, event=<value optimized out>) at kernel/qapplication_x11.cpp:4461
#44 0x00007f81768943e9 in QApplication::x11ProcessEvent (this=0x7fff97fb7460, event=0x7fff97fb70e0) at kernel/qapplication_x11.cpp:3587
#45 0x00007f81768bc512 in x11EventSourceDispatch (s=0x6e18f0, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#46 0x00007f816dfc0bd3 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#47 0x00007f816dfc13b0 in ?? () from /lib64/libglib-2.0.so.0
#48 0x00007f816dfc1650 in g_main_context_iteration () from /lib64/libglib-2.0.so.0
#49 0x00007f8175c0f5df in QEventDispatcherGlib::processEvents (this=0x653190, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:422
#50 0x00007f81768bc1ae in QGuiEventDispatcherGlib::processEvents (this=<value optimized out>, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:204
#51 0x00007f8175be3c22 in QEventLoop::processEvents (this=<value optimized out>, flags=...) at kernel/qeventloop.cpp:149
#52 0x00007f8175be3e35 in QEventLoop::exec (this=0x7fff97fb7400, flags=...) at kernel/qeventloop.cpp:201
#53 0x00007f8175be827b in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1064
#54 0x00007f817b6b2833 in kdemain (argc=2, argv=0x7fff97fb7658) at /home/snoopy/src/calligra/tables/part/Main.cpp:43
#55 0x0000000000400996 in main (argc=2, argv=0x7fff97fb7658) at /home/snoopy/src/build/calligra/tables/calligratables_dummy.cpp:3

Seems to be rather hard to reproduce it and maybe it's not even direct related.
Comment 7 Sebastian Sauer 2011-09-15 20:30:01 UTC
Looking at the backtrace again it looks like the issue I fixed with http://git.reviewboard.kde.org/r/102517/ what means it's a duplicate of bug 279951 . The patch was not pushed to master yet cause of the missing review.
Comment 8 Sebastian Sauer 2011-09-15 21:03:13 UTC
One more;

[KCrash Handler]
#6  0x00007f9982152046 in Calligra::Tables::Sheet::cellStorage (this=0x0) at /home/snoopy/src/calligra/tables/Sheet.cpp:493
#7  0x00007f9982136fc0 in Calligra::Tables::NamedAreaManager::remove (this=0x96be80, name=...) at /home/snoopy/src/calligra/tables/NamedAreaManager.cpp:96
#8  0x00007f9982139219 in Calligra::Tables::NamedAreaManager::qt_metacall (this=0x96be80, _c=QMetaObject::InvokeMetaMethod, _id=4, _a=0x7fff2e942e40) at /home/snoopy/src/build/calligra/tables/NamedAreaManager.moc:86
#9  0x00007f99944b7e8f in QMetaObject::activate (sender=0xb113c0, m=<value optimized out>, local_signal_index=<value optimized out>, argv=0x7fff2e942e40) at kernel/qobject.cpp:3287
#10 0x00007f99820691dd in Calligra::Tables::CellStorage::namedAreaRemoved (this=0xb113c0, _t1=...) at /home/snoopy/src/build/calligra/tables/CellStorage.moc:95
#11 0x00007f9982068e81 in Calligra::Tables::CellStorage::stopUndoRecording (this=0xb113c0, parent=0x10f4d00) at /home/snoopy/src/calligra/tables/CellStorage.cpp:1708
#12 0x00007f998253f9f1 in Calligra::Tables::InsertDeleteColumnManipulator::postProcessing (this=0x10f4cf0) at /home/snoopy/src/calligra/tables/commands/RowColumnManipulators.cpp:676
#13 0x00007f998251d79b in Calligra::Tables::AbstractRegionCommand::redo (this=0x10f4cf0) at /home/snoopy/src/calligra/tables/commands/AbstractRegionCommand.cpp:112
#14 0x00007f99987ada62 in KUndo2QStack::push (this=0x96b5d0, cmd=0x10f4d00) at /home/snoopy/src/calligra/libs/kundo2/kundo2stack.cpp:562
#15 0x00007f9999c338d3 in KoDocument::addCommand (this=0x913ac0, command=0x10f4d00) at /home/snoopy/src/calligra/libs/main/KoDocument.cpp:2715
#16 0x00007f99825bdc8f in Calligra::Tables::CanvasBase::addCommand (this=0xcf4eb8, command=0x10f4d00) at /home/snoopy/src/calligra/tables/part/CanvasBase.cpp:170
#17 0x00007f998251d4fb in Calligra::Tables::AbstractRegionCommand::execute (this=0x10f4cf0, canvas=0xcf4eb8) at /home/snoopy/src/calligra/tables/commands/AbstractRegionCommand.cpp:81
#18 0x00007f998261f62b in Calligra::Tables::CellToolBase::deleteColumn (this=0xea2640) at /home/snoopy/src/calligra/tables/ui/CellToolBase.cpp:2153
#19 0x00007f9982514834 in Calligra::Tables::CellToolBase::qt_metacall (this=0xea2640, _c=QMetaObject::InvokeMetaMethod, _id=57, _a=0x7fff2e9432d0) at /home/snoopy/src/build/calligra/tables/moc_CellToolBase.cpp:330
#20 0x00007f99825c8cd5 in Calligra::Tables::CellTool::qt_metacall (this=0xea2640, _c=QMetaObject::InvokeMetaMethod, _id=71, _a=0x7fff2e9432d0) at /home/snoopy/src/build/calligra/tables/CellTool.moc:71
#21 0x00007f99944b7e8f in QMetaObject::activate (sender=0xe95100, m=<value optimized out>, local_signal_index=<value optimized out>, argv=0x7fff2e9432d0) at kernel/qobject.cpp:3287
#22 0x00007f99950ceed2 in QAction::triggered (this=<value optimized out>, _t1=false) at .moc/release-shared/moc_qaction.cpp:263
#23 0x00007f99950cf0ca in QAction::activate (this=0xe95100, event=<value optimized out>) at kernel/qaction.cpp:1257
#24 0x00007f9995509373 in QMenuPrivate::activateCausedStack (this=0x119d230, causedStack=..., action=0xe95100, action_e=QAction::Trigger, self=true) at widgets/qmenu.cpp:1005
#25 0x00007f999550f38a in QMenuPrivate::activateAction (this=0x119d230, action=0xe95100, action_e=QAction::Trigger, self=true) at widgets/qmenu.cpp:1097
#26 0x00007f9995eae9b0 in KMenu::mouseReleaseEvent(QMouseEvent*) () from /usr/lib64/libkdeui.so.5
Comment 9 Sebastian Sauer 2011-09-15 21:16:39 UTC
I just pushed commit 54617633bb4809d202caaffe49729dfe150486b3 which fixes one of the cashes that was resulting on a crash (or to an assert in debug-mode) if the cell-selection was expanded to invalid regions.

But I don't think it fixes the cases described in this bugreport :-/
Comment 10 Sebastian Sauer 2011-09-20 08:41:47 UTC
Fix for bug 279951 pushed too.
Comment 11 Sebastian Sauer 2011-12-19 03:16:56 UTC
The crash from comment #8 is fixed with commit d8965a3a9cac. That means there is only the remaining issue (which I still cannot reproduce).
Comment 12 Inge Wallin 2013-06-29 08:09:39 UTC
I think that with those pushes and nearly 2 years gone we can close this bug now.

Tetris4, if you see the same crash in 2.7 then please reopen it and we will take a closer look and see if we can find it.
Comment 13 Inge Wallin 2013-06-29 08:10:15 UTC
oops, forgot to resolve.