Bug 148949 - Libreoffice crash when trying to delete the "Standard" character style using API.
Summary: Libreoffice crash when trying to delete the "Standard" character style using ...
Status: NEW
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Writer (show other bugs)
Version:
(earliest affected)
Inherited From OOo
Hardware: All All
: medium normal
Assignee: Not Assigned
URL:
Whiteboard:
Keywords: haveBacktrace
: 148950 (view as bug list)
Depends on:
Blocks: Writer-Styles-Character Macro-StarBasic Crash
  Show dependency treegraph
 
Reported: 2022-05-05 10:14 UTC by vatairethibault
Modified: 2024-05-01 04:28 UTC (History)
5 users (show)

See Also:
Crash report or crash signature: ["SwUndoFormatDelete::SwUndoFormatDelete","libswlo.so"]

Attachments
bt with debug symbols (14.25 KB, text/plain)
2022-05-05 11:46 UTC, Julien Nabet 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description vatairethibault 2022-05-05 10:14:08 UTC 
Description:
Libreoffice crash when trying to delete the "Standard" characters style using API.


Steps to Reproduce:
1. Open a Writer document
2. Open Tools > Macros > Organize Macros > Basic...
3. Edit a module and paste following content : 

Sub Writer
	thisComponent.StyleFamilies.getByName("CharacterStyles").removeByName("Standard")
End Sub

4. run the Writer function.


Actual Results:
LibreOffice crash immediately and the report dialog is displayed.

Crash report : https://crashreport.libreoffice.org/stats/crash_details/c04c4ad2-ceab-4e7e-918b-e3a0871d295a

Expected Results:
Libreoffice should not crash.


Reproducible: Always


User Profile Reset: Yes


Version: 7.1.4.2 / LibreOffice Community
Build ID: a529a4fab45b75fefc5b6226684193eb000654f6
CPU threads: 16; OS: Linux 5.10; UI render: default; VCL: gtk3
Locale: fr-FR (fr_FR.UTF-8); UI: fr-FR
Calc: threaded
Comment 1 Xisco Faulí 2022-05-05 11:16:14 UTC 
*** Bug 148950 has been marked as a duplicate of this bug. ***
Comment 2 Xisco Faulí 2022-05-05 11:17:38 UTC 
Reproduced in

Version: 7.4.0.0.alpha0+ / LibreOffice Community
Build ID: fd7e3c0b5983b73d9a433678fa85950c219ea4a6
CPU threads: 8; OS: Linux 5.10; UI render: default; VCL: gtk3
Locale: es-ES (es_ES.UTF-8); UI: en-US
Calc: threaded
Comment 3 Xisco Faulí 2022-05-05 11:24:45 UTC 
@Julien, @Mike, I thought you might be interested in this issue
Comment 4 Xisco Faulí 2022-05-05 11:26:45 UTC 
Also reproduced in

Version: 6.3.0.0.alpha1+
Build ID: c98b1f1cd43b3e109bcaf6324ef2d1f449b34099
CPU threads: 8; OS: Linux 5.10; UI render: default; VCL: gtk3; 
Locale: es-ES (es_ES.UTF-8); UI-Language: en-US
Calc: threaded
Comment 5 Julien Nabet 2022-05-05 11:46:19 UTC 
Created attachment 179944 [details]
bt with debug symbols

On pc Debian x86-64 with master sources updated today, I could reproduce this.
Comment 6 Julien Nabet 2022-05-05 11:50:31 UTC 
I tried this naive patch:
diff --git a/sw/source/core/undo/SwUndoFmt.cxx b/sw/source/core/undo/SwUndoFmt.cxx
index 110f138f5f3b..6f7855518271 100644
--- a/sw/source/core/undo/SwUndoFmt.cxx
+++ b/sw/source/core/undo/SwUndoFmt.cxx
@@ -99,7 +99,8 @@ SwUndoFormatDelete::SwUndoFormatDelete
       m_rDoc(rDoc), m_sOldName(_pOld->GetName()),
       m_aOldSet(_pOld->GetAttrSet())
 {
-    m_sDerivedFrom = _pOld->DerivedFrom()->GetName();
+    if (_pOld->DerivedFrom())
+        m_sDerivedFrom = _pOld->DerivedFrom()->GetName();
     m_nId = _pOld->GetPoolFormatId() & COLL_GET_RANGE_BITS;
     m_bAuto = _pOld->IsAuto();
 }

it won't crash the first time I run the macro but it crashes on a second time with this bt:
#0  SwClient::GetRegisteredIn() const (this=0x6666666600000001) at sw/inc/calbck.hxx:164
#1  0x00007f58c79db525 in SwFormat::DerivedFrom() const (this=0x6666666600000001) at sw/inc/format.hxx:128
#2  0x00007f58c79e9ad5 in SwFormat::IsDefault() const (this=0x6666666600000001) at sw/inc/format.hxx:129
#3  0x00007f58c8df50ab in lcl_FindCharFormat(SwDoc&, rtl::OUString const&, SwDocStyleSheet*, bool) (rDoc=..., rName="No Character Style", pStyle=0x58a2f30, bCreate=false)
    at sw/source/uibase/app/docstyle.cxx:146
#4  0x00007f58c8df2c03 in SwDocStyleSheet::FillStyleSheet(SwDocStyleSheet::FillStyleType, std::optional<SfxItemSet>*) (this=0x58a2f30, eFType=SwDocStyleSheet::FillOnlyName, o_ppFlatSet=0x0)
    at sw/source/uibase/app/docstyle.cxx:1878
#5  0x00007f58c8dfe859 in SwDocStyleSheetPool::Find(rtl::OUString const&, SfxStyleFamily, SfxStyleSearchBits) (this=0x58a3b10, rName="No Character Style", eFam=SfxStyleFamily::Char, n=SfxStyleSearchBits::All)
    at sw/source/uibase/app/docstyle.cxx:2603
#6  0x00007f58c8a26629 in sw::(anonymous namespace)::XStyleFamily::removeByName(rtl::OUString const&) (this=0x62c3cb0, rName="Standard") at sw/source/core/unocore/unostyle.cxx:1063

There must something really wrong but I don't know what.
Comment 7 Stéphane Guillou (stragu) 2024-05-01 04:28:44 UTC 
Still reproduced in recent daily build:

Version: 24.8.0.0.alpha0+ (X86_64) / LibreOffice Community
Build ID: f4ef5435df5560e6b6b061ce4053c71e2819bf51
CPU threads: 8; OS: Linux 6.5; UI render: default; VCL: gtk3
Locale: en-AU (en_AU.UTF-8); UI: en-US
Calc: CL threaded

Getting crash signature "libswlo.so" in 24.2.2: https://crashreport.libreoffice.org/stats/crash_details/9335bff0-065d-4fb3-8adc-6a1ecb80111f
And "SwUndoFormatDelete::SwUndoFormatDelete" in 6.2.0.3 and 6.3.0.4:
- https://crashreport.libreoffice.org/stats/crash_details/820f9935-060f-4ed7-b36d-c0e8298dbf1c
- https://crashreport.libreoffice.org/stats/crash_details/550ba548-9293-459e-8592-dd8d68dda885

Running the same macro in 6.1.0.3 and earlier, it does not crash, and instead can't find the "Standard" character style:

   BASIC runtime error.
   An exception occurred 
   Type: com.sun.star.container.NoSuchElementException
   Message: .

Name "Standard" exists since:

   commit 9d754a59154c40235c240bb0e7f47a2006fa85bd
   author	Miklos Vajna 	Mon Jul 09 18:03:04 2018 +0200
   committer	Miklos Vajna 	Mon Jul 09 20:04:26 2018 +0200
   sw: give the 'Default Style' char style a programmatic name
   Reviewed-on: https://gerrit.libreoffice.org/57191

(this is [eaeddeb2c1de88ee0ee9f4be7316efefe0e44f24] in linux-64-6.2 bibisect repo)

So one can crash it earlier than 6.2 by using e.g. "Default Style" instead.
Back in OOo 3.3, it would be "Default" and would crash all the same.

(Miklos, copying you in in case you're interested)