Steps how to reproduce with parallel installation of Master "LOdev 4.0.0.0.alpha0+ - ENGLISH UI / German Locale [Build ID: a2b3ee)]" {tinderbox: @6, pull time 2012-11-13 06:07:28} on German WIN7 Home Premium (64bit) with separate /4 User Profile for Master Branch: 1. Start LibO 2. From LibO Start Center open new Writer Document 3. Menu 'HELP -> Common Help Topics -> General Information -> General Glossary' 4. Use Scroll slider to scroll down to the bottom quickly > CRASH
Already [Reproducible] with server-installation of Master "3.7.0alpha0+ – WIN7 Home Premium (64bit) ENGLISH UI [Build ID: b255de8]" (tinderbox: Win-x86@6-fast, pull time 2012-06-05 23:16:58)
I checked quite a lot Help pages, no other one crashed, but for that one the crash is 100% reproducible for me with quick scroll short moment after having reached page. It seems that the page contents still needs to be updated, and if I start scrolling too early and too fast I scroll to Nirvana?
Confirmed on Mac OS X 10.6.8 (Intel), so a cross-platform bug: REPRODUCIBLE with LOdev 4.0.0.0.alpha0+ (Build ID: 32315e; pull time: 2012-11-13 00:32:26), from http://dev-builds.libreoffice.org/daily/MacOSX-Intel@27-OSX_10.7.0-gcc_4.2.1_llvm/master/2012-11-13_00.32.26/ If I follow Rainer’s instructions from comment #1, I get a crash when scrolling down fast that specific help page. This bug is not in LibreOffice 3.6.3.2, so added keyword “regression”. I will attach the log file created by Mac OS X for that crash, containing a simple backtrace.
Created attachment 70002 [details] Crash log for bug 57059, LOdev 2012-11-13 on Mac OS X 10.6.8
A better trace with symbols is: (gdb) bt #0 0xb7fdc424 in __kernel_vsyscall () #1 0xb7c6631f in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #2 0xb7c67c03 in __GI_abort () at abort.c:91 #3 0xb7e7a01d in __gnu_cxx::__verbose_terminate_handler () at ../../../../libstdc++-v3/libsupc++/vterminate.cc:95 #4 0xb7e77c93 in __cxxabiv1::__terminate (handler=0xb7e79ed0 <__gnu_cxx::__verbose_terminate_handler()>) at ../../../../libstdc++-v3/libsupc++/eh_terminate.cc:40 #5 0xb7e77ccf in std::terminate () at ../../../../libstdc++-v3/libsupc++/eh_terminate.cc:50 #6 0xb7e77f6e in __cxxabiv1::__cxa_throw (obj=0xa66fce0, tinfo=0xb7f09b80 <typeinfo for std::bad_alloc>, dest= 0xb7e75dd0 <std::bad_alloc::~bad_alloc()>) at ../../../../libstdc++-v3/libsupc++/eh_throw.cc:83 #7 0xb7e7859e in operator new (sz=4294967176) at ../../../../libstdc++-v3/libsupc++/new_op.cc:58 #8 0xb7e7864b in operator new[] (sz=4294967176) at ../../../../libstdc++-v3/libsupc++/new_opv.cc:33 #9 0xb6c2f58b in Bitmap::ImplCalculateContributions (aSourceSize=1, aDestinationSize=-15, aNumberOfContributions=@0xbfffd1c8: 1, pWeights= @0xbfffd1cc: 0xa69e5a8, pPixels=@0xbfffd1d0: 0xb01a2e0, pCount=@0xbfffd1d4: 0xa66fe40, aKernel=...) at /home/opt/libreoffice/re-base/vcl/source/gdi/bitmap3.cxx:2224 #10 0xb6c2faa7 in Bitmap::ImplScaleConvolution (this=0xbfffd70c, rScaleX=@0xbfffd2e8: 1, rScaleY=@0xbfffd2f0: -15, aKernel=...) at /home/opt/libreoffice/re-base/vcl/source/gdi/bitmap3.cxx:2196 #11 0xb6c2fc7b in Bitmap::Scale (this=0xbfffd70c, rScaleX=@0xbfffd2e8: 1, rScaleY=@0xbfffd2f0: -15, nScaleFlag=6) at /home/opt/libreoffice/re-base/vcl/source/gdi/bitmap3.cxx:901 #12 0xb6c38edd in BitmapEx::Scale (this=0xbfffd70c, rScaleX=@0xbfffd2e8: 1, rScaleY=@0xbfffd2f0: -15, nScaleFlag=6) at /home/opt/libreoffice/re-base/vcl/source/gdi/bitmapex.cxx:353 #13 0xb072604f in SwPageFrm::PaintBorderAndShadow (_rPageRect=SwRect = {...}, _pViewShell=0xa87f318, bPaintLeftShadow=true, bPaintRightShadow= true, bRightSidebar=true) at /home/opt/libreoffice/re-base/sw/source/core/layout/paintfrm.cxx:5795 #14 0xb07301a3 in SwRootFrm::Paint (this=0xa87f540, rRect=SwRect = {...}, pPrintData=0x0) at /home/opt/libreoffice/re-base/sw/source/core/layout/paintfrm.cxx:3132 #15 0xb08e5627 in ViewShell::Paint (this=0xa87f318, rRect=Rectangle = {...}) at /home/opt/libreoffice/re-base/sw/source/core/view/viewsh.cxx:1786 #16 0xb058a727 in SwCrsrShell::Paint (this=0xa87f318, rRect=Rectangle = {...}) at /home/opt/libreoffice/re-base/sw/source/core/crsr/crsrsh.cxx:1172 #17 0xb09fe37f in SwEditWin::Paint (this=0xa9a0828, rRect=Rectangle = {...}) at /home/opt/libreoffice/re-base/sw/source/ui/docvw/edtwin2.cxx:535 #18 0xb6d982be in Window::ImplCallPaint (this=0xa9a0828, pRegion=0x0, nPaintFlags=48) at /home/opt/libreoffice/re-base/vcl/source/window/window.cxx:2464 #19 0xb6d98600 in Window::Update (this=0xa9a0828) at /home/opt/libreoffice/re-base/vcl/source/window/window.cxx:7515 #20 0xb08e6779 in ViewShell::VisPortChgd (this=0xa87f318, rRect=SwRect = {...}) at /home/opt/libreoffice/re-base/sw/source/core/view/viewsh.cxx:1191 #21 0xb058a64f in SwCrsrShell::VisPortChgd (this=0xa87f318, rRect=SwRect = {...}) at /home/opt/libreoffice/re-base/sw/source/core/crsr/crsrsh.cxx:1210 #22 0xb0a8aa03 in SwView::SetVisArea (this=0xa878c90, rRect=Rectangle = {...}, bUpdateScrollbar=0 '\000') at /home/opt/libreoffice/re-base/sw/source/ui/uiview/viewport.cxx:268 #23 0xb0a889b2 in SwView::SetVisArea (this=0xa878c90, rPt=Point = {...}, bUpdateScrollbar=0 '\000') And it seems the arithmetic error is: (gdb) up #13 0xb072604f in SwPageFrm::PaintBorderAndShadow (_rPageRect=SwRect = {...}, _pViewShell=0xa87f318, bPaintLeftShadow=true, bPaintRightShadow= true, bRightSidebar=true) at /home/opt/libreoffice/re-base/sw/source/core/layout/paintfrm.cxx:5795 5795 aPageRightShadow.Scale( 1, aPagePxRect.Height() - 2 * (mnShadowPxWidth - 1) ); (gdb) l 5790 pOut->DrawBitmapEx( pOut->PixelToLogic( Point( aPaintRect.Right() + 1, aPagePxRect.Bottom() + 1 - (aPageBottomRightShadow.GetSizePixel().Height() - mnShadowPxWidth) ) ), 5791 aPageBottomRightShadow ); 5792 pOut->DrawBitmapEx( pOut->PixelToLogic( Point( aPaintRect.Right() + 1, aPagePxRect.Top() - mnShadowPxWidth ) ), 5793 aPageTopRightShadow ); 5794 BitmapEx aPageRightShadow = aPageRightShadowBase; 5795 aPageRightShadow.Scale( 1, aPagePxRect.Height() - 2 * (mnShadowPxWidth - 1) ); 5796 lcl_paintBitmapExToRect(pOut, Point( aPaintRect.Right() + mnShadowPxWidth, aPagePxRect.Top() + mnShadowPxWidth - 1), aPageRightShadow, RIGHT ); 5797 } 5798 5799 // Left shadows and corners (gdb) p aPagePxRect.Height() Cannot evaluate function -- may be inlined (gdb) p aPagePxRect $4 = SwRect = {point = Point = {x = 14, y = 835}, size = Size = {width = 76, height = 1}} (gdb) p mnShadowPxWidth $5 = 9 '\t'
thanks for the report - pushed a fix to master; looks like this could well be in 3.6 as well (not sure if people have seen it there).
Michael Meeks committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=9b3d96fddd214b808f241197c42af0434c6bba82 fdo#57059 - fix crasher rendering borders for very small windows. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
VERIFIED as FIXED with LOdev 4.0.0.0.alpha1+ (Build ID: 6aabe09ac092c51d4b394bde9c7ea0055b952e3; pull time: 2012-11-26 00:28:52) on Mac OS X 10.6.8 (Intel). No crash anymore. @ Michael Meeks: Thank you very much for fixing this!