Description of problem: I was cutting and pasting a complex nested table from one document to a new, blank document. There were also many comments attached to the table. Version-Release number of selected component: libreoffice-core-3.5.6.2-2.fc17 Additional info: libreport version: 2.0.14 abrt_version: 2.0.12 backtrace_rating: 4 cmdline: /usr/lib64/libreoffice/program/soffice.bin --writer --splash-pipe=6 crash_function: GetDoc kernel: 3.5.4-1.fc17.x86_64 truncated backtrace: :Thread no. 1 (10 frames) : #0 GetDoc at /usr/src/debug/libreoffice-3.5.6.2/solver/unxlngx6.pro/inc/svl/smplhint.hxx:69 : #2 SwPageFrm::PreparePage at /usr/src/debug/libreoffice-3.5.6.2/sw/source/core/layout/pagechg.cxx:530 : #3 SwFrm::InsertPage at /usr/src/debug/libreoffice-3.5.6.2/sw/source/core/layout/pagechg.cxx:1350 : #4 SwFrm::GetNextSctLeaf at /usr/src/debug/libreoffice-3.5.6.2/sw/source/core/layout/sectfrm.cxx:1667 : #5 SwFlowFrm::MoveFwd at /usr/src/debug/libreoffice-3.5.6.2/sw/source/core/layout/flowfrm.cxx:1946 : #6 SwTabFrm::MakeAll at /usr/src/debug/libreoffice-3.5.6.2/sw/source/core/layout/tabfrm.cxx:2554 : #7 SwFrm::PrepareMake at /usr/src/debug/libreoffice-3.5.6.2/sw/source/core/layout/calcmove.cxx:386 : #8 Calc at /usr/src/debug/libreoffice-3.5.6.2/sw/source/core/inc/frame.hxx:1056 : #9 CalcCntnt at /usr/src/debug/libreoffice-3.5.6.2/sw/source/core/layout/fly.cxx:1601 : #10 SwLayoutFrm::FormatWidthCols at /usr/src/debug/libreoffice-3.5.6.2/sw/source/core/layout/wsfrm.cxx:3512
can't figure out what the problem is from the stack trace. can you reproduce the problem, and attach a document and steps how to reroduce it? pagechg.cxx:530 SwDoc *pDoc = GetFmt()->GetDoc(); probably GetFmt() returns null here but in that case it should have crashed in SwPageFrm's ctor already...
Many thanks for the prompt response. Unfortunately, I no longer have the original document and cannot reproduce. I'll reopen if I encounter the problem again.
Created attachment 705111 [details] Test case I had Writer crash while doing a find and replace operation, and ABRT pointed me here saying the bug had already been reported. I guess I have a test case now! 1. Open find-and-replace-crash.odt; 2. CTRL+H; 3. Type "Cindy" in "Search for" box; 4. Type "Hello" in "Replace with" box; 5. Notice "Replace All" button is disabled; 6. Click "Replace" over and over again as fast as possible; 7. Writer crashes, apparently after clicking "Replace" when there are no more occurrences left. I can reproduce the crash consistently (I've done it four times now), but only if I click "Replace" fast enough.
(In reply to comment #3) > Created attachment 705111 [details] > Test case > > I had Writer crash while doing a find and replace operation, and ABRT > pointed me here saying the bug had already been reported. I guess I have a > test case now! > > 1. Open find-and-replace-crash.odt; > 2. CTRL+H; 2.5. check Comments in More Options > 3. Type "Cindy" in "Search for" box; > 4. Type "Hello" in "Replace with" box; > 5. Notice "Replace All" button is disabled; > 6. Click "Replace" over and over again as fast as possible; > 7. Writer crashes, apparently after clicking "Replace" when there are no > more occurrences left. > > I can reproduce the crash consistently (I've done it four times now), but > only if I click "Replace" fast enough. Yup, crashes with 3.5, but not with 3.6 (Fedora 18). Since this seems to be a quite uncommon operation, I do not think that we need to look for the fix to backport it. Anyway, thanks for the reproducer.