124300 – Crash after toggling Hidden in character style a couple of times or doing Update all

Bug 124300 - Crash after toggling Hidden in character style a couple of times or doing Update all

Summary: Crash after toggling Hidden in character style a couple of times or doing Upd...

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	LibreOffice
Classification:	Unclassified
Component:	Writer (show other bugs)
Version: (earliest affected)	3.5.0 release
Hardware:	All All

Importance:	high major
Assignee:	Not Assigned

URL:
Whiteboard:	target:7.5.0
Keywords:	haveBacktrace, perf, preBibisect, regression

Depends on:
Blocks:	Layout-Loops, Writer-Loops Writer-Styles-Character Crash
	Show dependency tree / graph

Reported:	2019-03-23 20:04 UTC by Buovjaga
Modified:	2024-05-02 01:24 UTC (History)
CC List:	8 users (show)

See Also:	81792 149131 144284 122081 160897
Crash report or crash signature:	["SwFrame::GetPhyPageNum()","SwFrame::FindFootnoteBossFrame(bool)"]

Attachments
Backtrace of crash with Win master (9.12 KB, text/plain) 2019-03-23 20:04 UTC, Buovjaga	Details
tdf124300_gpf_fix.patch: changes GPF into an infinite loop (1.38 KB, patch) 2020-03-19 06:36 UTC, Justin L	Details
BT without symbols (22.39 KB, text/plain) 2022-05-18 08:00 UTC, Telesto	Details
Same file with some highlighting (65.92 KB, application/vnd.oasis.opendocument.text) 2022-05-18 08:10 UTC, Telesto	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Buovjaga 2019-03-23 20:04:21 UTC

Created attachment 150239 [details]
Backtrace of crash with Win master

1. Download attachment 103519 [details] and attachment 103520 [details]
2. Open the master document file (odm)
3. Open Styles deck in sidebar, character styles
4. In the bottom dropdown, switch to All styles, if not chosen yet
5. Modify the style named -hide
6. In the Font effects tab, untick Hidden and click OK
7. Go back and this time tick Hidden and click OK
You should see LibO crash.

Also repro on Linux

This is split from bug 81792

3.3.0 does not crash, but 3.5.0 already does.

master~2019-03-23_00.08.44_LibreOfficeDev_6.3.0.0.alpha0_Win_x86.msi
Version: 6.3.0.0.alpha0+
Build ID: 601cc06187d20355810666547225549984b0caa4
CPU threads: 4; OS: Windows 10.0; UI render: default; VCL: win; 
Locale: fi-FI (fi_FI); UI-Language: en-US
Calc: threaded

Comment 1 Buovjaga 2019-03-23 20:35:58 UTC

Simply doing Tools - Update - Update All leads to a crash and to me the cause looks the same based on the backtrace:
FAILURE_ID_HASH_STRING:  um:null_class_ptr_read_c0000005_swlo.dll!swframe::getphypagenum

Comment 2 Oliver Brinzing 2019-03-24 08:05:16 UTC

(In reply to Buovjaga from comment #0)
> 7. Go back and this time tick Hidden and click OK
> You should see LibO crash.

i cannot reproduce this crash with:

Version: 6.3.0.0.alpha0+ (x64)
Build ID: f8251c40b4c512b6ea54ea2207a3816d8b925711
CPU threads: 4; OS: Windows 10.0; UI render: default; VCL: win; 
Locale: de-DE (de_DE); UI-Language: en-US
Calc: threaded

> Simply doing Tools - Update - Update All 

but doing this leeds to a freeze:

$ instdir/program/soffice d:/downloads/test.odm
warn:vcl.opengl:1408:19892:vcl/opengl/win/WinDeviceInfo.cxx:505: use :
warn:extensions.olebridge:1408:19892:extensions/source/ole/olethread.cxx:41: CoInitializeEx failed (expectedly): Der Threadmodus kann nicht nach dem Einstellen geändert werden.
warn:extensions.olebridge:1408:19892:extensions/source/ole/olethread.cxx:61:   Thread is in a main single-threaded apartment.
warn:legacy.tools:1408:19892:sfx2/source/control/bindings.cxx:1737: No cache for OfficeDispatch!
warn:fwk.uiconfiguration:1408:19892:framework/source/uiconfiguration/ImageArrayData.cxx:87: Failed to load image 'cmd/sc_languagemenu.png' from icon theme 'colibre'
warn:fwk.uiconfiguration:1408:19892:framework/source/uiconfiguration/ImageArrayData.cxx:87: Failed to load image 'cmd/sc_autoformatmenu.png' from icon theme 'colibre'
warn:fwk.uiconfiguration:1408:19892:framework/source/uiconfiguration/ImageArrayData.cxx:87: Failed to load image 'cmd/sc_chapternumberingdialog.png' from icon theme 'colibre'
warn:fwk.uiconfiguration:1408:19892:framework/source/uiconfiguration/ImageArrayData.cxx:87: Failed to load image 'cmd/sc_linenumberingdialog.png' from icon theme 'colibre'
warn:fwk.uiconfiguration:1408:19892:framework/source/uiconfiguration/ImageArrayData.cxx:87: Failed to load image 'cmd/sc_sortdialog.png' from icon theme 'colibre'
warn:fwk.uiconfiguration:1408:19892:framework/source/uiconfiguration/ImageArrayData.cxx:87: Failed to load image 'cmd/sc_calculatesel.png' from icon theme 'colibre'
warn:fwk.uiconfiguration:1408:19892:framework/source/uiconfiguration/ImageArrayData.cxx:87: Failed to load image 'cmd/sc_openxmlfiltersettings.png' from icon theme 'colibre'
warn:vcl:1408:19892:vcl/win/gdi/salbmp.cxx:700: Unsupported BitCount!
warn:sw.core:1408:19892:sw/source/core/attr/calbck.cxx:229: a class sw::ListenerEntry client added as listener to a class SwTextFormatColl during client iteration.
warn:sw.core:1408:19892:sw/source/core/attr/calbck.cxx:229: a class sw::ListenerEntry client added as listener to a class SwTextFormatColl during client iteration.
warn:sw.core:1408:19892:sw/source/core/attr/format.cxx:226: ~SwFormat: parent format missing from: Paragraph style
warn:legacy.osl:1408:19892:sw/source/core/layout/layact.cxx:542: LoopControl_1 in SwLayAction::InternalAction
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/layact.cxx:542: LoopControl_1 in SwLayAction::InternalAction
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/layact.cxx:542: LoopControl_1 in SwLayAction::InternalAction
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/layact.cxx:542: LoopControl_1 in SwLayAction::InternalAction
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:1302: InsertFootnote: Order of FootnoteFrame's buggy
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:1302: InsertFootnote: Order of FootnoteFrame's buggy
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:1302: InsertFootnote: Order of FootnoteFrame's buggy
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:1302: InsertFootnote: Order of FootnoteFrame's buggy
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:1302: InsertFootnote: Order of FootnoteFrame's buggy
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:1302: InsertFootnote: Order of FootnoteFrame's buggy
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:1302: InsertFootnote: Order of FootnoteFrame's buggy
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/layact.cxx:542: LoopControl_1 in SwLayAction::InternalAction
warn:legacy.osl:1408:19892:sw/source/core/layout/layact.cxx:542: LoopControl_1 in SwLayAction::InternalAction
warn:legacy.osl:1408:19892:sw/source/core/layout/layact.cxx:542: LoopControl_1 in SwLayAction::InternalAction
warn:legacy.osl:1408:19892:sw/source/core/layout/layact.cxx:542: LoopControl_1 in SwLayAction::InternalAction
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/ftnfrm.cxx:604: Next is not FootnoteNext
warn:legacy.osl:1408:19892:sw/source/core/layout/layact.cxx:542: LoopControl_1 in SwLayAction::InternalAction
warn:legacy.osl:1408:19892:sw/source/core/layout/layact.cxx:542: LoopControl_1 in SwLayAction::InternalAction
warn:legacy.osl:1408:19892:sw/source/core/layout/layact.cxx:542: LoopControl_1 in SwLayAction::InternalAction
[...]

Comment 3 Justin L 2020-03-19 06:36:09 UTC

Created attachment 158791 [details]
tdf124300_gpf_fix.patch: changes GPF into an infinite loop

The attached patch will fix the exiting crash, but turn it into an infinite loop. Since from a developer's standpoint, a crash is better than an infinite loop (which also seems to take control of the keyboard and mouse), I am only attaching the patch here. Ultimately there are some nasty footnote bugs that need to be identified and fixed.

This document is terribly sluggish just opening it. There is way more than one problem here...

Comment 4 QA Administrators 2022-05-17 03:31:13 UTC Comment hidden (noise)

Dear Buovjaga,

To make sure we're focusing on the bugs that affect our users today, LibreOffice QA is asking bug reporters and confirmers to retest open, confirmed bugs which have not been touched for over a year.

There have been thousands of bug fixes and commits since anyone checked on this bug report. During that time, it's possible that the bug has been fixed, or the details of the problem have changed. We'd really appreciate your help in getting confirmation that the bug is still present.

If you have time, please do the following:

Test to see if the bug is still present with the latest version of LibreOffice from https://www.libreoffice.org/download/

If the bug is present, please leave a comment that includes the information from Help - About LibreOffice.

If the bug is NOT present, please set the bug's Status field to RESOLVED-WORKSFORME and leave a comment that includes the information from Help - About LibreOffice.

Please DO NOT

Update the version field
Reply via email (please reply directly on the bug tracker)
Set the bug's Status field to RESOLVED - FIXED (this status has a particular meaning that is not
appropriate in this case)

If you want to do more to help you can test to see if your issue is a REGRESSION. To do so:
1. Download and install oldest version of LibreOffice (usually 3.3 unless your bug pertains to a feature added after 3.3) from https://downloadarchive.documentfoundation.org/libreoffice/old/

2. Test your bug
3. Leave a comment with your results.
4a. If the bug was present with 3.3 - set version to 'inherited from OOo';
4b. If the bug was not present in 3.3 - add 'regression' to keyword

Feel free to come ask questions or to say hello in our QA chat: https://web.libera.chat/?settings=#libreoffice-qa

Thank you for helping us make LibreOffice even better for everyone!

Warm Regards,
QA Team

MassPing-UntouchedBug

Comment 5 Buovjaga 2022-05-17 05:51:07 UTC

Still crashes.

Arch Linux 64-bit
Version: 7.4.0.0.alpha1+ / LibreOffice Community
Build ID: eac2e7520de09d019c07b63f9f89d865c20b1e4e
CPU threads: 8; OS: Linux 5.17; UI render: default; VCL: kf5 (cairo+xcb)
Locale: fi-FI (fi_FI.UTF-8); UI: en-US
Calc: threaded
Built on 13 May 2022

Comment 6 Rainer Bielefeld Retired 2022-05-17 14:57:50 UTC

NOT reproducible with Installation of Version: 7.3.3.2 (x64) 
Build ID: d1d0ea68f081ee2800a922cac8f79445e4603348
CPU threads: 12; OS: Windows 10.0 Build 19044; UI render: Skia/Raster; VCL: win
Locale: de-DE (de_DE); UI: de-DE | Calc: threaded | ElementaryTheme | My normal User Profile:
Opened Document, switched Style from hidden to unhidden and then back to hidden; no crash.
Also no crash for "Update all".

Comment 7 sdc.blanco 2022-05-17 15:31:32 UTC

No repro (in Windows) -- toggled hidden 6 times (with OK after each attempt) in Font effects, with no crash.  

Version: 7.4.0.0.alpha0+ (x64) / LibreOffice Community
Build ID: cdf8e971d5d46df4bcab35a99c4254df9459213f
CPU threads: 8; OS: Windows 10.0 Build 19043; UI render: Skia/Raster; VCL: win
Locale: da-DK (da_DK); UI: en-US
Calc: CL

Comment 8 Buovjaga 2022-05-17 18:10:55 UTC

Still crashes on Windows with both toggling and updating cases.

Version: 7.4.0.0.alpha0+ (x64) / LibreOffice Community
Build ID: 172e208e6b0674f42c301c5ee5e280e9138ba1b4
CPU threads: 2; OS: Windows 10.0 Build 19044; UI render: Skia/Raster; VCL: win
Locale: fi-FI (fi_FI); UI: en-US
Calc: threaded Jumbo

Comment 9 Telesto 2022-05-17 18:48:31 UTC

(In reply to sdc.blanco from comment #7)
> No repro (in Windows) -- toggled hidden 6 times (with OK after each attempt)
> in Font effects, with no crash.  
> 
> Version: 7.4.0.0.alpha0+ (x64) / LibreOffice Community
> Build ID: cdf8e971d5d46df4bcab35a99c4254df9459213f
> CPU threads: 8; OS: Windows 10.0 Build 19043; UI render: Skia/Raster; VCL:
> win
> Locale: da-DK (da_DK); UI: en-US
> Calc: CL

Same here with exact the same build
Version: 7.4.0.0.alpha0+ (x64) / LibreOffice Community
Build ID: cdf8e971d5d46df4bcab35a99c4254df9459213f
CPU threads: 4; OS: Windows 6.3 Build 9600; UI render: Skia/Raster; VCL: win
Locale: en-US (nl_NL); UI: en-GB
Calc: CL Jumbo

Comment 10 sdc.blanco 2022-05-17 20:21:33 UTC

Finally....but nothing to do with Styles and hidden. Rather the crash comes with Update All.  This is also what comment 1 says.  Maybe the bug summary should be updated?

STR

1. Start in Safe Mode.
2. Open test.odm
3. Answer yes to update links (don't know if this is necessary)
4. Tools > Update > Update All
CRASH!

I think step 3 is necessary, because when I answered "no", then Tools > Update > Update All did not crash the first time (but only loaded test.odt), but the second time it crashed.

Version: 7.4.0.0.alpha0+ (x64) / LibreOffice Community
Build ID: cdf8e971d5d46df4bcab35a99c4254df9459213f
CPU threads: 8; OS: Windows 10.0 Build 19043; UI render: Skia/Raster; VCL: win

Comment 11 Rainer Bielefeld Retired 2022-05-18 06:29:47 UTC

> crash comes with Update All

Not for me with sample document from original report, Menu ˋTools → Update → Update Allˊ  and  Server Installation of Version: 7.4.0.0.alpha0+ (x64)  Build ID b000d964fcc8849d10576bf3539bde7729db2eb1
CPU threads: 12; OS: Windows 10.0 Build 19044; UI render: default; VCL: win
Locale: de-DE (de_DE); UI: en-US  |  Calc: CL  |  Auto Colibre Theme  |  Special devUserProfile

Can the problem depend on particular preferences, settings, ...?
Does the crash problem also stay with newly created user profile?

Comment 12 Buovjaga 2022-05-18 07:01:54 UTC

(In reply to Rainer Bielefeld Retired from comment #11)
> > crash comes with Update All
> 
> Not for me with sample document from original report, Menu ˋTools → Update →
> Update Allˊ  and  Server Installation of Version: 7.4.0.0.alpha0+ (x64) 
> Build ID b000d964fcc8849d10576bf3539bde7729db2eb1
> CPU threads: 12; OS: Windows 10.0 Build 19044; UI render: default; VCL: win
> Locale: de-DE (de_DE); UI: en-US  |  Calc: CL  |  Auto Colibre Theme  | 
> Special devUserProfile
> 
> Can the problem depend on particular preferences, settings, ...?
> Does the crash problem also stay with newly created user profile?

Seth in comment 10 started in Safe Mode.

Comment 13 Telesto 2022-05-18 08:00:16 UTC

Created attachment 180180 [details]
BT without symbols

(In reply to Buovjaga from comment #12)
> (In reply to Rainer Bielefeld Retired from comment #11)
> > > crash comes with Update All
> > 
> > Not for me with sample document from original report, Menu ˋTools → Update →
> > Update Allˊ 

> Seth in comment 10 started in Safe Mode.

Also repro here:
Version: 7.4.0.0.alpha0+ (x64) / LibreOffice Community
Build ID: cdf8e971d5d46df4bcab35a99c4254df9459213f
CPU threads: 4; OS: Windows 6.3 Build 9600; UI render: Skia/Raster; VCL: win
Locale: en-US (nl_NL); UI: en-GB
Calc: CL Jumbo

However my BT with this crash doesn't match the attached one at attachment 150239 [details]

It does crash
Version: 6.0.0.0.alpha0+
Build ID: 9127d1a89cbfba89eb9df6755ea7b9e161cfc67a
CPU threads: 4; OS: Windows 6.3; UI render: default; 
Locale: nl-NL (nl_NL); Calc: CL

and in
Version: 5.1.0.0.alpha1+
Build ID: aa334d55ee34c125f6f4fdfaadbc1ed8fa33f5bc
Locale: nl-NL (nl_NL)

but no crash with
Versie: 5.0.0.1 
Build ID: 9a0b23dd0ab9652e0965484934309f2d49a7758e
Locale: nl-NL (nl_NL)

or with
4.4.7.2

but well might be caused by idle timer changes exposing the problem more prominently 

The shared part of the both crashes is that it appears to be caused by footnote area of the document.

Comment 14 sdc.blanco 2022-05-18 08:04:38 UTC

(comment 13 arrived as I was just finishing the following comment. Maybe less relevant now...but...here it is...)

Repro STR in comment 10 with: 

Version: 7.2.6.2 (x64) / LibreOffice Community
Build ID: b0ec3a565991f7569a5a7f5d24fed7f52653d754
CPU threads: 8; OS: Windows 10.0 Build 19043; UI render: Skia/Raster; VCL: win
Locale: da-DK (da_DK); UI: en-US
Calc: threaded

Additional Information:

1. Was hoping for a crash report, but the URL was empty. 
There are .dmp files in LibreOffice/4/crash.  Is it worth attaching one?

2. Can narrow the Update down to Tools > Update > Links.  (no crash with Update Fields or Page Formatting)

3. Again, have to "update links" twice.  That is, when opening test.odm, if you answer "yes" to updating links, then next time I use Tools > Update > Links, it crashes.  If I answer "no" on opening, then first time I use Update > Links, it loads the file, and second time it crashes.

Comment 15 Telesto 2022-05-18 08:10:13 UTC

Created attachment 180181 [details]
Same file with some highlighting

1. Place the cursor at the highlighted area
2. Press delete row... -> Crash (same BT as attachment 180180 [details])

Comment 16 Rainer Bielefeld Retired 2022-05-18 08:20:32 UTC

@Buovjaga
Safe mode makes sure that the effect is not caused by Extensions and some other dependencies, but some settings persist in Safe Mode. So a test with a newly created User Profile (simply rename the User Profile before you launch LibO) might generate some additional info.

I'm still a little astonished that that very simple test does not cause a crash for me ...
Different to my Test form Comment 10 I now used Navigator for update all or other updates; no crash!

I'm a little astonished concerning the linked contents I see in Navigator. Link I see is 
"file:///D:/Dateien/LibO-Bugs/124300 - Crash after toggling Hidden/test.odt"
I am not sure whether I understand all details, but that seems to be some recursion, linked contents in document in the document section is the document  itself?

And now I will do test from Comment 15

Comment 17 Rainer Bielefeld Retired 2022-05-18 08:44:47 UTC

Test 15 does the crash for me with 7.4.

Comment 18 Rainer Bielefeld Retired 2022-05-18 08:50:10 UTC

> I'm a little astonished concerning 
Sorry, nonsense! Linked contents from test.odm ist test.odT!

Comment 19 sdc.blanco 2022-05-18 08:52:16 UTC

Thanks to Rainer for additional critical information.

1. Start in Safe Mode (using 7.2.6.2)
2. Open test.odm, answering "Yes" to confirmation dialog about updating links.
3. In Navigator, choose Update Links, answer "Yes" to confirmation dialog.
4. (reproducible) Crash.  (and also leaves an soffice.bin process running at 12% CPU, which has to be deleted manually).

Here are a couple of crash reports with signature: SwFrame::GetPhyPageNum() 

https://crashreport.libreoffice.org/stats/crash_details/04181995-10f0-4bce-b61e-adee6d290009

https://crashreport.libreoffice.org/stats/crash_details/39f5fd46-2f3d-4e05-8c5a-ba158d295743

Comment 20 Buovjaga 2022-05-18 08:54:59 UTC

(In reply to Rainer Bielefeld Retired from comment #16)
> @Buovjaga
> Safe mode makes sure that the effect is not caused by Extensions and some
> other dependencies, but some settings persist in Safe Mode. So a test with a
> newly created User Profile (simply rename the User Profile before you launch
> LibO) might generate some additional info.

I can repro on Linux with 7.4 and I have erased its user profile frequently as I do my own builds.

Comment 21 sdc.blanco 2022-05-18 09:27:59 UTC

With Telesto's STR in comment 15

1. Open document in 7.2.6.2
2. Delete first row in document (no problem)
3. Delete row with highlighted text (crash)
4. Leaves soffice.bin running (at 12% CPU and need to delete process manually)

Same crash signature as Update Links method (comment 19): SwFrame::GetPhyPageNum() 

https://crashreport.libreoffice.org/stats/crash_details/2117e136-da56-4a56-9157-46f2cbb9bb4c

Comment 22 Telesto 2022-05-18 09:36:48 UTC

@Michael
Adding you to the loop, you're mostly the one fixing this kind of issues...

Comment 23 Commit Notification 2022-08-26 20:45:28 UTC

Caolán McNamara committed a patch related to this issue.
It has been pushed to "master":

https://git.libreoffice.org/core/commit/327a87f51d5a35d6dee0e9038b26f989052f6e0c

tdf#124300 survive update all

It will be available in 7.5.0.

The patch should be included in the daily builds available at
https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
https://wiki.documentfoundation.org/Testing_Daily_Builds

Affected users are encouraged to test the fix and report feedback.

Comment 24 Buovjaga 2022-08-27 14:37:37 UTC

(In reply to Commit Notification from comment #23)
> Caolán McNamara committed a patch related to this issue.
> It has been pushed to "master":
> 
> https://git.libreoffice.org/core/commit/
> 327a87f51d5a35d6dee0e9038b26f989052f6e0c
> 
> tdf#124300 survive update all

After this, Update All for attachment 103519 [details] (with subdocument attachment 103520 [details]) does not crash in a non-debug build on Win. With a Linux debug build, it crashes with kf5 and gen, but not with gtk3.

Arch Linux 64-bit
Version: 7.5.0.0.alpha0+ / LibreOffice Community
Build ID: 70c69ba1c48a42b763dd5426bd4f008d950ad967
CPU threads: 8; OS: Linux 5.19; UI render: default; VCL: kf5 (cairo+xcb)
Locale: fi-FI (fi_FI.UTF-8); UI: en-US
Calc: threaded
Built on 27 August 2022

Comment 25 Stéphane Guillou (stragu) 2024-05-02 00:48:09 UTC

Testing all with gen VCL plugin:

- comment 0 steps (unhide -> hide):
   - repro in 7.4.0.3 with signature "SwFrame::FindFootnoteBossFrame(bool)": https://crashreport.libreoffice.org/stats/crash_details/213df40a-f967-4d5c-8150-fe0fdfe67d8f
   - repro in 7.6.6 with signature "SwFrame::GetPhyPageNum() const": https://crashreport.libreoffice.org/stats/crash_details/028918da-1c92-4436-8856-c21cb5fcef3c
   - in 24.2 and a recent daily build: no crash anymore.
   However, poor perf and daily build's console flooded with a loop of warnings that include:
       warn:sw.layout:251020:251020:sw/source/core/layout/wsfrm.cxx:3084: footnote frame on different page than ref frame?
       warn:legacy.osl:277213:277213:sw/source/core/layout/layact.cxx:589: LoopControl_1 in SwLayAction::InternalAction
       warn:legacy.osl:277437:277437:sw/source/core/layout/layact.cxx:770: LoopControl_3 in Interrupt formatting in SwLayAction::InternalAction
       warn:sw.layout:277213:277213:sw/source/core/layout/layouter.cxx:190: Looping Louie: Stage 1!

- comment 10 + comment 14 steps (update links):
   - repro in 7.4.0.3 with signature "SwFrame::FindFootnoteBossFrame(bool)": https://crashreport.libreoffice.org/stats/crash_details/d3eea219-f10d-4cbc-94c3-36568f6add15
   - no crash anymore in 7.6.6, 24.2.2 and current daily build, but remains frozen for a while / very sluggish after updating links, one core at 100%.
   In daily build, flood of warnings as described above.
   
- comment 15 / comment 21 steps (delete table row):
   - repro in 7.4 and 7.5: https://crashreport.libreoffice.org/stats/crash_details/5076ae70-c6ba-4c5b-a76b-23612cd7e645
   - however, not reproduced in 7.6.6 anymore.

- comment 24 (dbg build crash on update all):
   - can't test in recent trunk build because of the layout loop

Given that (at least) all the non-debug crashes are now gone, and the variety of cases described, my suggestion is closing as "works for me" and open now reports as needed.

Daily build used:

Version: 24.8.0.0.alpha0+ (X86_64) / LibreOffice Community
Build ID: f4ef5435df5560e6b6b061ce4053c71e2819bf51
CPU threads: 8; OS: Linux 6.5; UI render: default; VCL: x11
Locale: en-AU (en_AU.UTF-8); UI: en-US
Calc: threaded

Comment 26 Stéphane Guillou (stragu) 2024-05-02 01:21:28 UTC

(In reply to Stéphane Guillou (stragu) from comment #25)
> - comment 24 (dbg build crash on update all):
>    - can't test in recent trunk build because of the layout loop
This eventually settled to a manageable rate, no crash after Update All.
However, still looping with:

warn:legacy.osl:278015:278015:sw/source/core/layout/layact.cxx:589: LoopControl_1 in SwLayAction::InternalAction
warn:sw.layout:278015:278015:sw/source/core/layout/wsfrm.cxx:3084: footnote frame on different page than ref frame?

...ad nauseam.

Comment 27 Stéphane Guillou (stragu) 2024-05-02 01:24:03 UTC

(In reply to Stéphane Guillou (stragu) from comment #25)
> my suggestion is closing as "works for me" and
> open now reports as needed.
Done for layout loop in bug 160897.