Created attachment 178070 [details] sample file Steps to reproduce: 1. Open attached document 2. Select all 3. Copy 4. Paste twice 5. Undo Twice -> Crash Reproduced in Version: 7.4.0.0.alpha0+ / LibreOffice Community Build ID: d5f015185240a7bddfed7ddf10d6b5426e35fb72 CPU threads: 8; OS: Linux 5.10; UI render: default; VCL: gtk3 Locale: es-ES (es_ES.UTF-8); UI: en-US Calc: threaded
Regression introduced by: https://cgit.freedesktop.org/libreoffice/core/commit/?id=2951cbdf3a6e2b62461665546b47e1d253fcb834 author Attila Bakos (NISZ) <bakos.attilakaroly@nisz.hu> 2021-11-10 14:10:11 +0100 committer László Németh <nemeth@numbertext.org> 2022-01-03 14:28:15 +0100 commit 2951cbdf3a6e2b62461665546b47e1d253fcb834 (patch) tree d09834b7f1e68e7b3664ed03c5d2ed3c73de552d parent cce57fd94e9335c5dd5f3725a5fe54f5d3929e8d (diff) tdf#143574 OOXML export/import of textboxes in group shapes Bisected with: bibisect-linux64-7.4 Adding Cc: to Attila Bakos
Created attachment 178078 [details] bt with debug symbols On pc Debian x86-64 with master sources updated today, I got a segfault with gtk3 rendering. Remark: I've got no crash with gen rendering.
with gen, you might need to increase the number of pastes and undo, but it also crashes
Yes, I have an idea about the real problem: From that commit the text of the group shapes in textframes attached to the shapes like simple shapes. As-char anchoring (like these shapes anchored) is not implemented in the master, only in gerrit, here: https://gerrit.libreoffice.org/c/core/+/129627 That can cause crash. But, that fix can be not enough because there is a problem in the writer core, at the content operation manager so the copy of the textframes will have issues (floating tables, textboxes etc what uses swxtextframe all affected) because the frame format of the textbox unable to survive the content operation manager operation. Before i tried to debug it, and i found the problem in https://opengrok.libreoffice.org/xref/core/sw/source/core/doc/DocumentContentOperationsManager.cxx?r=70ac13ee#3768 but there i lost... There can be seen a SwTextBoxHelper::SavedLink aOldTextBoxes; line where the textframes saved in case of simple shapes for later usage when the fly copying finished (if you comment it that also will have issues too). But for group textboxes this is not so easy, because in case of simple shapes the shape texbox pair 1:1, but in case of group shapes this is 1:N, and each textboxes identified by the sdrobject what its belongs to. However during this content operation, the sdrs will be deleted and recreated, so the textboxes lost their connection. That prevent proper copying of group textboxes in case of ctrl+drag, ctrl+c, undoing, etc. I think this cause that issue too where nested floating table conversion causes exception, now these tables imported as simple tables with wrong position. So i think this is a so complex problem, not a simple regression. Thanks to this issue i have to put a condition in the above mentioned commit, where i disabled group textboxes (WPG) in tables, see: https://opengrok.libreoffice.org/xref/core/writerfilter/source/ooxml/OOXMLFastContextHandler.cxx?r=4a38ca40#1712 But i also hope this will be fixed one day too :)
Created attachment 178611 [details] sample file 2 Another file that crashes after https://cgit.freedesktop.org/libreoffice/core/commit/?id=2951cbdf3a6e2b62461665546b47e1d253fcb834 Steps: 1. Select all & copy 2. Paste 3 times 3. Undo 3 times -> Crash
(In reply to Xisco Faulí from comment #0) > Created attachment 178070 [details] > sample file > > Steps to reproduce: > 1. Open attached document > 2. Select all > 3. Copy > 4. Paste twice > 5. Undo Twice > > -> Crash > > Reproduced in > > Version: 7.4.0.0.alpha0+ / LibreOffice Community > Build ID: d5f015185240a7bddfed7ddf10d6b5426e35fb72 > CPU threads: 8; OS: Linux 5.10; UI render: default; VCL: gtk3 > Locale: es-ES (es_ES.UTF-8); UI: en-US > Calc: threaded can you pls check it again? no crash in: Version: 7.4.0.0.alpha0+ (x64) / LibreOffice Community Build ID: d3c22b1d4754e95a0fbb801a73295e5a4353f38f CPU threads: 8; OS: Windows 10.0 Build 19043; UI render: Skia/Raster; VCL: win Locale: hu-HU (hu_HU); UI: hu-HU Calc: CL
(In reply to Xisco Faulí from comment #5) > Created attachment 178611 [details] > sample file 2 > > Another file that crashes after > https://cgit.freedesktop.org/libreoffice/core/commit/ > ?id=2951cbdf3a6e2b62461665546b47e1d253fcb834 > > Steps: > 1. Select all & copy > 2. Paste 3 times > 3. Undo 3 times > > -> Crash but this one crashes unfortunately :(
(In reply to Attila Bakos (NISZ) from comment #7) > (In reply to Xisco Faulí from comment #5) > > Created attachment 178611 [details] > > sample file 2 > > > > Another file that crashes after > > https://cgit.freedesktop.org/libreoffice/core/commit/ > > ?id=2951cbdf3a6e2b62461665546b47e1d253fcb834 > > > > Steps: > > 1. Select all & copy > > 2. Paste 3 times > > 3. Undo 3 times > > > > -> Crash > > but this one crashes unfortunately :( there is an assert: https://opengrok.libreoffice.org/xref/core/sw/source/core/docnode/ndnum.cxx?r=d405d73c#41 if i comment it out, works... but i it is not a solution...
(In reply to Attila Bakos (NISZ) from comment #6) > (In reply to Xisco Faulí from comment #0) > > Created attachment 178070 [details] > > sample file > > > > Steps to reproduce: > > 1. Open attached document > > 2. Select all > > 3. Copy > > 4. Paste twice > > 5. Undo Twice > > > > -> Crash > > > > Reproduced in > > > > Version: 7.4.0.0.alpha0+ / LibreOffice Community > > Build ID: d5f015185240a7bddfed7ddf10d6b5426e35fb72 > > CPU threads: 8; OS: Linux 5.10; UI render: default; VCL: gtk3 > > Locale: es-ES (es_ES.UTF-8); UI: en-US > > Calc: threaded > > can you pls check it again? no crash in: > Version: 7.4.0.0.alpha0+ (x64) / LibreOffice Community > Build ID: d3c22b1d4754e95a0fbb801a73295e5a4353f38f > CPU threads: 8; OS: Windows 10.0 Build 19043; UI render: Skia/Raster; VCL: > win > Locale: hu-HU (hu_HU); UI: hu-HU > Calc: CL yes, it's fixed. Fixed by author Attila Bakos (NISZ) <bakos.attilakaroly@nisz.hu> 2022-02-07 17:09:42 +0100 committer László Németh <nemeth@numbertext.org> 2022-03-01 17:53:01 +0100 commit 0d29394598db2e336a9982cbb7041ea407b2bf6d (patch) tree 13fccc70320e734ce09f11e6e3f6c68e9da49dd1 parent 16665c48fef0ac178f224cccb1ddced69311835c (diff) tdf#147126 sw: fix missing as_char anchoring of group textboxes
Created attachment 180151 [details] Before crash in 7.3 Hi there. The above mentioned commit could not caused the crash in the case of the second example file, because the bug persist in 7.3 too. To test: 1) Open the https://bugs.documentfoundation.org/attachment.cgi?id=178611&action=edit (Sample file2) 2) Change the anchor of the first shape (in order to can go inside of the group) 3) Go inside the group and add a textbox to the red circle. (Right click on it, add textbox in the context menu) 4) Change back the anchor to As_Char Now ready the file for testing: do the ctrl+c ctrl+v and ctrl+z actions as mentioned before. ->Crash. Tested with: Version: 7.3.3.2 (x64) / LibreOffice Community Build ID: d1d0ea68f081ee2800a922cac8f79445e4603348 CPU threads: 8; OS: Windows 10.0 Build 19043; UI render: Skia/Raster; VCL: win Locale: hu-HU (hu_HU); UI: hu-HU Calc: CL Kindly asking for re-bibisecting. Thank you. I also will try.
Created attachment 180153 [details] The second example without crash It seems to me, i have found the problem: Before both file in this ticked crashed due to the above bibisected commit what has been fixed with the commit mentioned 2 comments of this above. But the second file still crashes because of the outlining. If i remove that from the file, it will work fine, as this modified example. With a simple diff the problem can be seen.