Description: Crash in: SfxItemSet::GetItemState Steps to Reproduce: 1. Open the attached file 2. CTRL+A + CTRL+C 3. CTRL+N (new writer document normal view) 4. CTRL+V + CTRL+V 5. CTRL+Z + CTRL+Z 6. CTRL+V -> Crash (if not -> happens -> Hold CTRL+V). Still nothing -> relaunch and try again or toy around with holding CTRL+V CTRL+Z. It will crash at some point Actual Results: Crash Expected Results: No crash Reproducible: Always User Profile Reset: No Additional Info: Found in: Version: 6.2.0.0.alpha0+ Build ID: 1aa37aa6bee19099b57555a6d839992b054aa405 CPU threads: 4; OS: Windows 6.3; UI render: default; TinderBox: Win-x86@42, Branch:master, Time: 2018-09-23_10:17:54 Locale: nl-NL (nl_NL); Calc: CL
Created attachment 145162 [details] Example file
crashreport.libreoffice.org/stats/crash_details/0cea6013-7fea-4e8c-8b55-b10d70b02685
confirming crash with Version: 6.1.2.1 (x64) Build-ID: 65905a128db06ba48db947242809d14d3f9a93fe CPU-Threads: 4; BS: Windows 10.0; UI-Render: Standard; Gebietsschema: de-DE (de_DE); Calc:
Confirmed on ubuntu 16.04 x64 with Version: 6.2.0.0.alpha0+ Build ID: 8b1501d80dc9d3f42c351c6e026fa737e116cae5 CPU threads: 2; OS: Linux 4.4; UI render: default; VCL: gtk2; TinderBox: Linux-rpm_deb-x86_64@70-TDF, Branch:master, Time: 2018-09-22_22:07:48 Locale: en-US (en_US.UTF-8); Calc: threaded crashreport.libreoffice.org/stats/crash_details/a4ed4cfd-745f-4bab-be27-9d43034dccd4 Unconfirmed with Version: 6.0.0.0.alpha1+ Build ID: 637d96a25926e299fff5b4cf5a0055b1d171b23b CPU threads: 2; OS: Linux 4.4; UI render: default; VCL: gtk2; TinderBox: Linux-rpm_deb-x86_64@70-TDF, Branch:master, Time: 2017-11-17_23:45:59 Locale: en-US (en_US.UTF-8); Calc: group
Regression introduced by: https://cgit.freedesktop.org/libreoffice/core/commit/?id=1a3b2668d63d00b9ae004c8be883c8e4c0f8996c author Bjoern Michaelsen <bjoern.michaelsen@libreoffice.org> 2018-03-13 00:04:04 +0100 committer Björn Michaelsen <bjoern.michaelsen@libreoffice.org> 2018-03-19 08:20:46 +0100 commit 1a3b2668d63d00b9ae004c8be883c8e4c0f8996c (patch) tree 0c007c1f909d6b7e8a8f26e3b55deefdb1f323d9 parent be8883bcb250bdbfbb77a76b244d97a30a97d77a (diff) use sw::WriterMultiListener instead of SwDepend in SwEndNoteInfo Bisected with: bibisect-linux64-6.1 Adding Cc: to Bjoern Michaelsen
The crash has been reproduced on the below platform too, I also tried the manual way without shortcuts, I used the menu clicks to copy&paste, create new page etc but resulted into a crash: Version: 6.1.1.2 Build ID: 5d19a1bfa650b796764388cd8b33a5af1f5baa1b CPU threads: 1; OS: Linux 4.15; UI render: default; VCL: gtk2; Locale: en-US (en_US.UTF-8); Calc: group threaded
Created attachment 145714 [details] stacktrace on a ~libreoffice-6-1 branch (unclean) Stacktrace on a unclean -6-1 branch (still had local patches, so please redo if you think its needed, I only had this debug-build).
Also some angry warnings before: warn:legacy.osl:14357:14357:sw/source/core/layout/findfrm.cxx:1102: <SwFrame::FindPrevCnt_()> - unknown layout situation: current frame should be in page header or page footer warn:legacy.osl:14357:14357:sw/source/core/layout/findfrm.cxx:1102: <SwFrame::FindPrevCnt_()> - unknown layout situation: current frame should be in page header or page footer warn:legacy.osl:14357:14357:sw/source/core/layout/findfrm.cxx:1102: <SwFrame::FindPrevCnt_()> - unknown layout situation: current frame should be in page header or page footer warn:legacy.osl:14357:14357:sw/source/core/layout/findfrm.cxx:1102: <SwFrame::FindPrevCnt_()> - unknown layout situation: current frame should be in page header or page footer warn:legacy.osl:14357:14357:sw/source/core/layout/findfrm.cxx:1102: <SwFrame::FindPrevCnt_()> - unknown layout situation: current frame should be in page header or page footer warn:legacy.osl:14357:14357:sw/source/core/layout/tabfrm.cxx:2626: debug assertion: <SwTabFrame::MakeAll()> - format of table lowers suppressed by fix i44910 warn:legacy.osl:14357:14357:sw/source/core/access/acccontext.cxx:1039: invalid visible area for dispose warn:legacy.osl:14357:14357:sw/source/core/access/acccontext.cxx:459: fire event for disposed frame? warn:legacy.osl:14357:14357:sw/source/core/layout/findfrm.cxx:1102: <SwFrame::FindPrevCnt_()> - unknown layout situation: current frame should be in page header or page footer warn:legacy.osl:14357:14357:sw/source/core/layout/findfrm.cxx:1102: <SwFrame::FindPrevCnt_()> - unknown layout situation: current frame should be in page header or page footer warn:legacy.osl:14357:14357:sw/source/core/layout/findfrm.cxx:1102: <SwFrame::FindPrevCnt_()> - unknown layout situation: current frame should be in page header or page footer warn:legacy.osl:14357:14357:sw/source/core/layout/findfrm.cxx:1102: <SwFrame::FindPrevCnt_()> - unknown layout situation: current frame should be in page header or page footer warn:legacy.osl:14357:14357:sw/source/core/layout/findfrm.cxx:1102: <SwFrame::FindPrevCnt_()> - unknown layout situation: current frame should be in page header or page footer warn:legacy.osl:14357:14357:sw/source/core/layout/tabfrm.cxx:2626: debug assertion: <SwTabFrame::MakeAll()> - format of table lowers suppressed by fix i44910 warn:legacy.osl:14357:14357:sw/source/core/access/acccontext.cxx:459: fire event for disposed frame? [Thread 0x7fffd1acc700 (LWP 14573) exited]
So cause is likely footnotes in tables. Possibly the problem was already preexisting -- only accidentally exposed by the SwDepend change.
(In reply to Björn Michaelsen from comment #8) > Also some angry warnings before: The debug assertion is quite common, see bug 116293 and bug 119126
https://gerrit.libreoffice.org/#/c/63249/
Bjoern Michaelsen committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/+/e9bf0102783e23cf8b7c609a9a5265ab436dc90e%5E%21 tdf#120115: Dont crash on Footnote/Table undo/redo It will be available in 6.2.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
@Xisco Quote: "I found another crash testing it but it was already reproducible before the commit introducing tdf#120115 so I'll report it in another ticket." -> In search for the ticket in question (or is it covered by an existing report)
(In reply to Telesto from comment #13) > @Xisco > Quote: "I found another crash testing it but it was already reproducible > before the commit introducing tdf#120115 so I'll report it in another > ticket." > > -> In search for the ticket in question (or is it covered by an existing > report) Hi Telesto, i'll report it today...
Verified in Version: 6.2.0.0.alpha1+ Build ID: 21b0bd63a41bda1153bb6173ec23ecdd13353999 CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: gtk3; Locale: ca-ES (ca_ES.UTF-8); UI-Language: en-US Calc: threaded @Bjoern Michaelsen, thanks for fixing this!!
(In reply to Xisco Faulí from comment #14) > (In reply to Telesto from comment #13) > > @Xisco > > Quote: "I found another crash testing it but it was already reproducible > > before the commit introducing tdf#120115 so I'll report it in another > > ticket." > > > > -> In search for the ticket in question (or is it covered by an existing > > report) > > Hi Telesto, > i'll report it today... Reported in bug 121546 with a bit of delay...
Bjoern Michaelsen committed a patch related to this issue. It has been pushed to "libreoffice-6-1": https://git.libreoffice.org/core/+/912c1584cbdb5eaedb079755df1150b95e8f7329%5E%21 tdf#120115: Dont crash on Footnote/Table undo/redo It will be available in 6.1.4. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.