Description: Libreoffice writer crashes if you change the doctype line and switching to web view Steps to Reproduce: 1. File>New HTML Document 2. Change first line to <!DOCTYPE HTML> 3. View HTML source Crash Actual Results: Crash after changing view Expected Results: There should not be crash Also opened background documents should not change view after recovery Reproducible: Always User Profile Reset: No Additional Info: Version: 6.2.1.2 Build ID: 6.2.1-1 CPU threads: 8; OS: Linux 5.0; UI render: default; VCL: qt5; Locale: en-NZ (en_NZ.UTF-8); UI-Language: en-US Calc: threaded
On Win10 + master sources updated today, I don't reproduce the crash. A dialog appears to save the html file, then it opens the html file.
I can't reproduce it in Version: 6.3.0.0.alpha0+ Build ID: a11a2d84b09f85d2020c47f3ce42cd9efbff818a CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: gtk3; Locale: ca-ES (ca_ES.UTF-8); UI-Language: en-US Calc: threaded it seems to be a KDE5 problem...
On pc Debian x86-64 with master sources updated today with kde5 (with or without QT_QPA_PLATFORM=wayland), I don't reproduce this too. Could you give a try to https://wiki.documentfoundation.org/QA/FirstSteps? If you still reproduce the crash, would it be possible you retrieve a backtrace by following this link https://wiki.documentfoundation.org/QA/BugReport/Debug_Information#GNU.2FLinux:_How_to_get_a_backtrace ?
Created attachment 150090 [details] gdbtrace Hi I've attached the gdbtrace log
Hi ET, LibreOffice 6.2.2.2 is going to be released today. Would you mind testing with this new version ? There are some fixing for KDE5 in this version and it's possible this crash is fixed as well...
This crash still occurs in 6.2.2.2 In fact it doesn't require changing the doctype at all. Steps to reproduce: 1. soffice --backtrace 2. File>New HTML Document 3. View>HTML source 4. Save as Untitled.html 5. Delete all the html code 6. View>HTML source 7. Crash In the gdbtrace.log I can see Thread 1 "soffice.bin" received signal SIGSEGV, Segmentation fault. 0x00007ffff6748274 in SfxBroadcaster::AddListener(SfxListener&) () from /usr/lib/libreoffice/program/libsvllo.so
Created attachment 150198 [details] gdbtrace I've attached a new gdbtrace.log
@Michael, @Vera, do you reproduce this in KDE5 ?
Using the steps from comment 6, I can reproduce with both Version: 6.3.0.0.alpha0+ Build ID: ad04121efa8dd513bc0564515b5f305bb1549109 CPU threads: 4; OS: Linux 4.19; UI render: default; VCL: gtk3; Locale: en-GB (en_GB.UTF-8); UI-Language: en-US Calc: threaded and Version: 6.3.0.0.alpha0+ Build ID: ad04121efa8dd513bc0564515b5f305bb1549109 CPU threads: 4; OS: Linux 4.19; UI render: default; VCL: kde5; Locale: en-GB (en_GB.UTF-8); UI-Language: en-US Calc: threaded which means that this is not a kde5-specific issue.
Created attachment 150216 [details] GDB backtrace with debug build GDB backtrace for the gtk3 case and with the debug build from previous comment
Hmm: #3 0x00007ffff4ec32ed in SfxBroadcaster::AddListener(SfxListener&) (this=0x0, rListener=...) at /mnt/data/development/git/libreoffice/svl/source/notify/SfxBroadcaster.cxx:95 #4 0x00007ffff4ed70d4 in SfxListener::StartListening(SfxBroadcaster&, DuplicateHandling) (this=0x555557908428, rBroadcaster=..., eDuplicateHanding=DuplicateHandling::Unexpected) at /mnt/data/development/git/libreoffice/svl/source/notify/lstner.cxx:107 Someone should check this in valgrind, as this should have already crashed way earlier, because in #3 this == rBroadcaster, which is a reference, which should never be nullptr!
Created attachment 150224 [details] Valgrind trace On pc Debian x86-64 with master sources updated today + gtk3 + enable-dbgutil, I could reproduce this. I attached Valgrind trace.
Version: 6.3.0.0.alpha0+ Build ID: a03f421a878c210566dc8d728113a27400da38f2 CPU threads: 4; OS: Linux 4.19; UI render: default; VCL: kde5; TinderBox: Linux-rpm_deb-x86_64@86-TDF, Branch:master, Time: 2019-03-16_09:07:41 Locale: ru-RU (ru_RU.UTF-8); UI-Language: en-US Calc: threaded Reproduced crash by steps in description.
ok, I can reproduce it now ( I don't know what I tested the other day ). Bisecting...
Regression introduced by: https://cgit.freedesktop.org/libreoffice/core/commit/?id=50d8f19c456f228a6d8b14bdb9b4ab343ec4f826 author andreas kainz <kainz.a@gmail.com> 2018-06-18 22:18:00 +0200 committer andreas_kainz <kainz.a@gmail.com> 2018-06-25 13:02:51 +0200 commit 50d8f19c456f228a6d8b14bdb9b4ab343ec4f826 (patch) tree 22b5261742cc0058e74badb2891ef7be567ca726 parent 16b10d9ac976d40daffee1d15456016f4a89cd2e (diff) menubar web: sync with writer Bisected with: bibisect-linux64-6.2 Adding Cc: to andreas kainz
I can't reproduce it in Version: 6.3.0.0.alpha0+ Build ID: f8ca6e0a59bff51fcb09af4fa6d9cd458b32f223 CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: x11; Locale: ca-ES (ca_ES.UTF-8); UI-Language: en-US Calc: threaded nor in Version: 6.3.0.0.alpha0+ Build ID: f8ca6e0a59bff51fcb09af4fa6d9cd458b32f223 CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: gtk2; Locale: ca-ES (ca_ES.UTF-8); UI-Language: en-US Calc: threaded @Caolán, I thought you might be interested in this issue...
I can reproduce this
Caolán McNamara committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/+/ac7ce7a64ef903bad1476f5635a7b2a1e951a7a3%5E%21 Resolves: tdf#124142 don't deref nullptr It will be available in 6.3.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
fixed in master, backport in gerrit
Verified in Version: 6.3.0.0.alpha0+ Build ID: 705558aa455403cd006993f95b5b13981fdb3483 CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: gtk3; Locale: ca-ES (ca_ES.UTF-8); UI-Language: en-US Calc: threaded @Caolán, thanks for fixing this issue!!
Caolán McNamara committed a patch related to this issue. It has been pushed to "libreoffice-6-2": https://git.libreoffice.org/core/+/4e2e85acfba508a5de4d11643c333403be5b9bd6%5E%21 Resolves: tdf#124142 don't deref nullptr It will be available in 6.2.3. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Caolán McNamara committed a patch related to this issue. It has been pushed to "libreoffice-6-1": https://git.libreoffice.org/core/+/cdef6e5f4053adf5413781a9282285eab3923373%5E%21 Resolves: tdf#124142 don't deref nullptr It will be available in 6.1.6. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
I'll report back once 6.2.3 lands in my package repository.
I can confirm this is fixed in Version: 6.3.0.4 Build ID: 6.3.0-1 CPU threads: 8; OS: Linux 5.2; UI render: default; VCL: qt5; Locale: en-NZ (en_NZ.UTF-8); UI-Language: en-US Calc: threaded Thanks.
(In reply to Commit Notification from comment #21) > Caolán McNamara committed a patch related to this issue. > It has been pushed to "libreoffice-6-2": > > https://git.libreoffice.org/core/+/ > 4e2e85acfba508a5de4d11643c333403be5b9bd6%5E%21 > > Resolves: tdf#124142 don't deref nullptr > > It will be available in 6.2.3. > > The patch should be included in the daily builds available at > https://analsexgif.com/category/small-tits/ in the next 24-48 hours. More > information about daily builds can be found at: > https://wiki.documentfoundation.org/Testing_Daily_Builds > > Affected users are encouraged to test the fix and report feedback. its works now!