Hello Damjan, All,
I get reproducible crashes on trunk, built under Linux.
More below.
On Sun, Jun 08, 2025 at 12:25:03PM +0200, Damjan Jovanovic wrote:
[...]
> Reverting only the changes to lngreg.cxx also completely fixed the test
> crashes, which tells us that the regression is in this simple
> harmless-looking part of the change:
> git show 1890034f73947872dc88f59af6226fed5174e2b5
> main/linguistic/source/lngsvcmgr.cxx
> (and of course the related changes to main/linguistic/source/lngreg.cxx).
These crashes seem to be related:
(gdb) bt
#0 osl::Mutex::acquire (this=0x0)
at /openoffice/main/solver/450/unxlngx6.pro/inc/osl/mutex.hxx:62
#1 0x00007ffff7182899 in cppu::OInterfaceContainerHelper::addInterface
(this=this@entry=0x7fffb16186a0, rListener=...)
at /openoffice/main/cppuhelper/source/interfacecontainer.cxx:221
#2 0x00007ffff42a5562 in LngSvcMgrListenerHelper::AddLngSvcEvtBroadcaster
(this=0x7fffb1618648, rxBroadcaster=...)
at /openoffice/main/linguistic/source/lngsvcmgr.cxx:550
#3 0x00007ffff42a7b30 in LngSvcMgr::AddLngSvcEvtBroadcaster
(this=<optimized out>, rxBroadcaster=...)
at /openoffice/main/linguistic/source/lngsvcmgr.cxx:1927
#4 0x00007ffff42b154f in SpellCheckerDispatcher::isValid_Impl
(this=this@entry=0x7fffb13fc550, rWord=..., nLanguage=<optimized out>,
rProperties=..., bCheckDics=bCheckDics@entry=1 '\001')
at /openoffice/main/linguistic/source/spelldsp.cxx:428
#5 0x00007ffff42b18ce in SpellCheckerDispatcher::isValid
(this=0x7fffb13fc550, rWord=..., rLocale=..., rProperties=...)
at /openoffice/main/linguistic/source/spelldsp.cxx:263
#6 0x00007ffff42b07ff in SpellCheckerDispatcher::isValid
(this=0x7fffb13fc550, rWord=..., nLanguage=<optimized out>, rProperties=...)
The ``faulty'' mutex to be acquired is
cppu::OInterfaceContainerHelper::rMutex, that is a reference to
address zero (!!).
(gdb) frame 1
#1 0x00007ffff7182899 in cppu::OInterfaceContainerHelper::addInterface (
this=this@entry=0x7fffd159b0b0, rListener=...)
at /openoffice/main/cppuhelper/source/interfacecontainer.cxx:221
221 MutexGuard aGuard( rMutex );
(gdb) p rMutex
$62 = (osl::Mutex &) <error reading variable: Cannot access memory at address
0x0>
This should never happen, because the reference is initialized in the
cppu::OInterfaceContainerHelper constructor.
But breaking on such constructor is not helpful, because it is called
hundreds (?) of times, just while AOO starts.
Let's look at frame 2, then:
(gdb) frame 2
#2 0x00007ffff42a5562 in LngSvcMgrListenerHelper::AddLngSvcEvtBroadcaster (
this=0x7fffd1dfc058, rxBroadcaster=...)
at /openoffice/main/linguistic/source/lngsvcmgr.cxx:550
550 aLngSvcEvtBroadcasters.addInterface( rxBroadcaster );
So the "faulty" object is in fact variable
LngSvcMgrListenerHelper::aLngSvcEvtBroadcasters.
It is an attribute, initialized in the LngSvcMgrListenerHelper constructor.
Fun fact: LngSvcMgrListenerHelper::LngSvcMgrListenerHelper is never
executed! If I add a breakpoint on it, the program will just reach the
crashing point.
The ``never initialized'' LngSvcMgrListenerHelper istance belongs to a
LngSvcMgr instance, that is: SpellCheckerDispatcher::rMgr.
I could not understand if that LngSvcMgr instance is instantiated
correctly, because there are lots of them.
I hope this helps for debugging this issue. I can share with you
privately the documents, if you think they could be useful.
Best regards,
--
Arrigo
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org
