Steps to reproduce: 1. Open a new writer document 2. Insert a header 3. Insert an image to the header 4. Delete the header CRASH! Surprisingly it doesn't crash with official releases for me... Reproduced in Version: 5.4.0.0.alpha0+ Build ID: 7c11fe076005ed4e28f04f14990b7011a03a4517 CPU threads: 4; OS: Linux 4.8; UI render: default; VCL: gtk2; Locale: ca-ES (ca_ES.UTF-8); Calc: group
I can't reproduce it in debug mode neither
I can reproduce it back to 5f658dc87794036182aa1f8586d82c5ee997cd8b but I'm not sure whether this commit introduced the crash or not
Hi Xisco, No crash for me with LO 5.4.0.0.alpha0+ Build ID: 3a36cf434fb4a967c9ea767cb7ac5f4da0502a0d CPU threads: 2; OS: Windows 6.1; UI render: default; TinderBox: Win-x86@39, Branch:master, Time: 2017-04-28_06:33:58 Locale: fr-FR (fr_FR); Calc: CL Linux only?
Created attachment 132930 [details] GDB trace of crash with 5.4 master Arch Linux 64-bit, KDE Plasma 5 Version: 5.4.0.0.alpha0+ Build ID: 9348b322a5c230dfcc2231661b73e480b130fcd9 CPU threads: 8; OS: Linux 4.10; UI render: default; VCL: kde4; Locale: fi-FI (fi_FI.UTF-8); Calc: group Built on April 28th 2016
(In reply to Xisco Faulí from comment #2) > I can reproduce it back to 5f658dc87794036182aa1f8586d82c5ee997cd8b but I'm > not sure whether this commit introduced the crash or not This comment is incorrect. I wanted to say 'I can reproduce it back to dedc93e973b59ca4d1660fc3820770bf9b072896'
fixed on master guess this is when it started to crash: commit 0f98299f7aa44bbb55c1bfeddca7799f727d14b0 Author: Stephan Bergmann <sbergman@redhat.com> AuthorDate: Wed Mar 4 13:52:03 2015 +0100 Avoid bad downcast of SwFrmFmt to SwSectionFmt diff --git a/sw/inc/docary.hxx b/sw/inc/docary.hxx index 098851e..8768cc0 100644 --- a/sw/inc/docary.hxx +++ b/sw/inc/docary.hxx @@ -128,8 +128,10 @@ public: inline sal_uInt16 GetPos(const SwFmt *p) const { return SwVectorModifyBase<Value>::GetPos( static_cast<Value>( const_cast<SwFmt*>( p ) ) ); } - inline bool Contains(const SwFmt *p) const - { return SwVectorModifyBase<Value>::Contains( static_cast<Value>( const_cast<SwFmt*>( p ) ) ); } + inline bool Contains(const SwFmt *p) const { + Value p2 = dynamic_cast<Value>(const_cast<SwFmt*>(p)); + return p2 != nullptr && SwVectorModifyBase<Value>::Contains(p2); + } }; class SwGrfFmtColls : public SwFmtsModifyBase<SwGrfFmtColl*>
Michael Stahl committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=32403675bf9d2d0380956f9a82da71593edbb53c tdf#107494 sw: fix crash in SwCallMouseEvent when deleting header It will be available in 5.4.0. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Michael Stahl committed a patch related to this issue. It has been pushed to "libreoffice-5-3": http://cgit.freedesktop.org/libreoffice/core/commit/?id=4601cae591ee83ec83d707d7b82f5d61aa979c71&h=libreoffice-5-3 tdf#107494 sw: fix crash in SwCallMouseEvent when deleting header It will be available in 5.3.4. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Verified in Version: 6.0.0.0.alpha0+ Build ID: 3f16306964d5bb81dda3c681bcabbacadf424e7b CPU threads: 4; OS: Linux 4.8; UI render: default; VCL: gtk3; Locale: ca-ES (ca_ES.UTF-8); Calc: group
Zdeněk Crhonek committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/+/1c2691f0ab192347da1507076ac16a248298a848%5E%21 uitest for bug tdf#107494 It will be available in 6.3.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Xisco Fauli committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/6186e025e4b1e0cb4dbb3d7d4a06798ab1383eb5 tdf#107494: sw: move UITest to CppUnittest It will be available in 7.4.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.