Apache OpenOffice (AOO) Bugzilla – Issue 120020
Application crash when undo "Ctrl+Delete" under "Outline" view in SD.
Last modified: 2017-05-20 11:41:54 UTC
1. Launch Aoo then new a SD document. 2. Create 2 blank pages. 3. Switch to "Outline" view(Keep focus in Page2) 4. Press Ctrl+Delete. 5. Press Ctrl+Z,application crash.
I am looking at this bug.
Change project to presentation
Issue can be reproduced, change status to "Confirmed"
I can reproduce this crash on a 4.0 developer build (Windows7). After step 5 I have to insert some text to trigger the crash.
Created attachment 80882 [details] Do not delete linked undo actions. The crash is triggered in ~SfxLinkUndoAction() when the pAction member is accessed. This member is destroyed a little earlier by UndoManagerGuard(). The root cause is that undo actions are not reference counted and that ownership is not clearly defined. The attached patch prevents undo actions from being deleted in ~UndoManagerGuard() when they are linked. This would work under the assumption that linked actions would be destroyed by their owners. But that seems to not be the case. Therefore the patch prevents the crash for the cost of leaking undo action objects.
I produced the crash also occurs in OOo 3.1 and OOo 3.3 under Windows 7.
ALG: Can reproduce on Win7 on trunk. Also happens in 3.4.1 version. Also happens in OOo3.3 version. Also happens in OOo2.2 version. Seems to be a rather old crash, taking a look.
ALG: There is already some handling for the SfxUndoAction locally remembered inside of SfxLinkUndoAction to avoid deletion, but does not work everywhere. And it should be called a 'bad solution' that something like SfxLinkUndoAction exists at all, remembering an alien svl::IUndoManager and an alien SfxUndoAction in the local svl::IUndoManager. To generally fix this SfxUndoAction would need to be at least ref-counted, but also need a better relationship to their undo manager. This would be a big change, for now I will try to make it more safe in a simplified way.
ALG: Oops, forget to grab it. Experimenting with ownership...
ALG: Have now secured ownership, but executing the undo itself crashes, too. Looking why...
ALG: Reason is a wrong order in some cases of the two to-be-merged paragraphs (thats what happens here in the editengine). Corrected this in the called consumer, also asserting this situations since they produce an illegal SfxLinkUndoAction which will crash on execution. Also corrected the caller to behave nice.
ALG: This also brings ub the asserion error in non-pro mode when page numbers are not equal for a short moment. Secured that in SD with asserting directly without calling SlideSorterModel::GetPageDescriptor again (which causes the crash).
ALG: Preparing commit. Be warned that this change is highly incompatible (from the codebase hierarchy, not from the code ;-), so after it a rebuild from svl will be needed.
ALG: Okay, done.
grant showstopper flag, already fixed
Which revision number the fix goes?
ALG: it's r1495808, somehow the commit did not create an entry here automagically.
It is verified fixed in AOO 4.0 - revision 1496831