Since upgrading to LO 7.5.1.2, LO Writer crashes every time I attempt to re-order a heading using drag/drop in the Headings Content Navigation View. Upon LO restart/recovery, the re-ordering has actually been completed. Same problem occurs in Safe-mode. Happens in any document, short or long. Note that clicking the Move Chapter buttons reorders as expected without problem. I'm on Linux Mint 21.1 using the Ubuntu PPA and this problem wasn't present in the 7.4 version. As a double-check I tried the current AppImage versions in normal and safe-mode, results are: - v7.4.6 Works correctly. - v7.5.1 Drag/drop fails as described. The issue seems similar to Bug 132477 but that was a few years ago. My LO Version Information is: Version: 7.5.1.2 (X86_64) / LibreOffice Community Build ID: 50(Build:2) CPU threads: 2; OS: Linux 5.15; UI render: default; VCL: gtk3 Locale: en-GB (en_GB.UTF-8); UI: en-GB Ubuntu package version: 4:7.5.1~rc2-0ubuntu0.22.04.1~lo1 Calc: threaded Crash Report is: https://crashreport.libreoffice.org/stats/crash_details/541c12d3-22ba-4c39-b8e4-ab02a8c7c33b
Reproduced. Drag-and-dropping the headings crashes Writer in a trunk build from today too: Version: 7.6.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 44837a12d12be3e525fa48b37c3dd2553cc97d94 CPU threads: 8; OS: Linux 5.15; UI render: default; VCL: gtk3 Locale: en-AU (en_AU.UTF-8); UI: en-US Calc: threaded Likely linked to the new feature from bug 145359 but will check now.
Doesn't seem to affect Windows 10. Signature probably makes it gtk-specific. I could also crash it before, before Jim's addition, with many successive drag and drops eventually resulting in: https://crashreport.libreoffice.org/stats/crash_details/21d10262-85d4-4d46-a02a-adb3967a5613 in: Version: 7.4.6.2 / LibreOffice Community Build ID: 5b1f5509c2decdade7fda905e3e1429a67acd63d CPU threads: 8; OS: Linux 5.15; UI render: default; VCL: gtk3 Locale: en-AU (en_AU.UTF-8); UI: en-US Calc: threaded and: Version: 7.3.7.2 / LibreOffice Community Build ID: e114eadc50a9ff8d8c8a0567d6da8f454beeb84f CPU threads: 8; OS: Linux 5.15; UI render: default; VCL: gtk3 Locale: en-AU (en_AU.UTF-8); UI: en-US Calc: threaded Could not reproduce in: Version: 7.2.7.2 / LibreOffice Community Build ID: 8d71d29d553c0f7dcbfa38fbfda25ee34cce99a2 CPU threads: 8; OS: Linux 5.15; UI render: default; VCL: gtk3 Locale: en-AU (en_AU.UTF-8); UI: en-US Calc: threaded Will have a go at bisecting.
Created attachment 186023 [details] bt with debug symbols On pc Debian x86-64 with master sources updated today + gtk3 rendering, I could reproduce this. With gen and kf5 renderings, impossible to reorder and I noticed these: warn:svtools.contnr:25559:25565:vcl/source/treelist/treelistbox.cxx:1022: SvTreeListBox::QueryDrop(): no format
Caolán: it seems gtk specific, I think you might be interested in this one.
Crash is instant on first drag in 7.5 and 7.6, but takes a few goes before those versions, so I don't think I was seeing the same thing in previous versions. Bibisected the instant crash with gtk3 vcl and linux-64-7.5 repo to first bad commit 00c1911de432173d6f46f6f1cac9321d8f017ff6 which points to fix for bug 149412: commit e033e1f2a8e202f5ded99729fe896f72e9a0c3be author Caolán McNamara <caolanm@redhat.com> Thu Jan 19 11:13:50 2023 +0000 committer Adolfo Jayme Barrientos <fitojb@ubuntu.com> Fri Jan 20 13:52:26 2023 +0000 tdf#149412 gtk3: show all selected rows in dnd icon otherwise it looks like only one row is getting moved Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145820
I think that commit made this more frequent, but we might have had it as a bug for much longer ==3221972== Invalid read of size 8 ==3221972== at 0x23F281DA: gtk_drag_begin_internal (gtkdnd.c:1801) ==3221972== by 0x23F2886F: gtk_drag_begin_with_coordinates (gtkdnd.c:1995) ==3221972== by 0x23845075: (anonymous namespace)::GtkInstanceWidget::signal_motion(_GdkEventMotion const*) (gtkinst.cxx:3139) ==3221972== by 0x23844F09: (anonymous namespace)::GtkInstanceWidget::signalMotion(_GtkWidget*, _GdkEventMotion*, void*) (gtkinst.cxx:3130) ==3221972== by 0x23C0FC56: _gtk_marshal_BOOLEAN__BOXED (gtkmarshalers.c:84) ==3221972== by 0x1378C05F: g_closure_invoke (gclosure.c:832) ==3221972== by 0x137B8F65: signal_emit_unlocked_R.isra.0 (gsignal.c:3796) ==3221972== by 0x137A8ED5: g_signal_emit_valist (gsignal.c:3559) ==3221972== by 0x137A96F2: g_signal_emit (gsignal.c:3606) ==3221972== by 0x23EF1073: gtk_widget_event_internal.part.0.lto_priv.0 (gtkwidget.c:7812) ==3221972== by 0x23D825AD: UnknownInlinedFun (gtkmain.c:2588) ==3221972== by 0x23D825AD: propagate_event.lto_priv.0 (gtkmain.c:2691) ==3221972== by 0x23D83320: UnknownInlinedFun (gtkmain.c:1921) ==3221972== by 0x23D83320: gtk_main_do_event (gtkmain.c:1691) ==3221972== Address 0x2c7d8070 is 0 bytes inside a block of size 16 free'd ==3221972== at 0x48460E4: free (vg_replace_malloc.c:884) ==3221972== by 0x1383388C: g_free (gmem.c:229) ==3221972== by 0x1384E093: g_slice_free1 (gslice.c:1185) ==3221972== by 0x23CD7A08: gtk_drag_source_set (gtkdragsource.c:162) ==3221972== by 0x23ED1EAB: gtk_tree_view_enable_model_drag_source (gtktreeview.c:14303) ==3221972== by 0x23877F41: (anonymous namespace)::GtkInstanceTreeView::drag_source_set(std::__debug::vector<_GtkTargetEntry, std::allocator<_GtkTargetEntry> > const&, GdkDragAction) (gtkinst.cxx:16279) ==3221972== by 0x238440B3: (anonymous namespace)::GtkInstanceWidget::do_enable_drag_source(rtl::Reference<TransferDataContainer> const&, unsigned char) (gtkinst.cxx:2707) ==3221972== by 0x23877E99: (anonymous namespace)::GtkInstanceTreeView::enable_drag_source(rtl::Reference<TransferDataContainer>&, unsigned char) (gtkinst.cxx:16270) ==3221972== by 0x36AAE6D2: SwContentTree::DragBeginHdl(bool&) (content.cxx:1227) ==3221972== by 0x36AAE2CE: SwContentTree::LinkStubDragBeginHdl(void*, bool&) (content.cxx:1180) ==3221972== by 0x238D38DA: Link<bool&, bool>::Call(bool&) const (link.hxx:111) ==3221972== by 0x23878D2D: (anonymous namespace)::GtkInstanceTreeView::do_signal_drag_begin(bool&) (gtkinst.cxx:16520)
(In reply to Caolán McNamara from comment #6) > I think that commit made this more frequent, but we might have had it as a > bug for much longer I agree, I was able to crash it as far back as 7.2 but I could not find a consistent way to do it.
Caolán McNamara committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/fd32093df9fdf5d46ed4def9fd8dada7d0d5e361 tdf#154232 signal_drag_begin callback can delete current GtkTargetList It will be available in 7.6.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Caolán McNamara committed a patch related to this issue. It has been pushed to "libreoffice-7-4": https://git.libreoffice.org/core/commit/9cb9bda78a7e47c4948e6ef2702f07460b22050a tdf#154232 signal_drag_begin callback can delete current GtkTargetList It will be available in 7.4.7. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Caolán McNamara committed a patch related to this issue. It has been pushed to "libreoffice-7-5": https://git.libreoffice.org/core/commit/c4f29ffc62af42365c983f4dc3514b2f8633c095 tdf#154232 signal_drag_begin callback can delete current GtkTargetList It will be available in 7.5.3. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Caolán McNamara committed a patch related to this issue. It has been pushed to "libreoffice-7-5-2": https://git.libreoffice.org/core/commit/ee55e17b556753e9853219dbeee9a10da18cd608 tdf#154232 signal_drag_begin callback can delete current GtkTargetList It will be available in 7.5.2. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Thanks Caolán! Verified as fixed in: Version: 7.6.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 0d18262789fbe95eafe32bd775a9827ed99685ef CPU threads: 8; OS: Linux 5.15; UI render: default; VCL: gtk3 Locale: en-AU (en_AU.UTF-8); UI: en-US Calc: threaded
I've tested LO 7.5.2.2 via Ubuntu PPA. Mouse drag/drop in Navigator Heading view now works correctly with no crashes. Thanks for speedy resolution.