Bug 160917 - Crash when opening and closing Tabbed UI's hamburger/cog menu while UI loading in Writer
Summary: Crash when opening and closing Tabbed UI's hamburger/cog menu while UI loadin...
Status: NEW
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: UI (show other bugs)
Version:
(earliest affected)
6.4.0.3 release
Hardware: x86-64 (AMD64) Linux (All)
: low critical
Assignee: Not Assigned
URL:
Whiteboard:
Keywords: bibisected, bisected, haveBacktrace, regression
Depends on:
Blocks: GTK3 Notebookbar-Tabbed Crash
  Show dependency treegraph
 
Reported: 2024-05-03 03:19 UTC by Stéphane Guillou (stragu)
Modified: 2024-05-08 09:36 UTC (History)
2 users (show)

See Also:
Crash report or crash signature: ["libmergedlo.so","vcl::Window::GetWindowExtentsRelative(vcl::Window const*) const","vcl::Window::ImplGetWindowExtentsRelative(vcl::Window const*) const","vcl::Window::ImplGetWindowExtentsRelative"]

Attachments
crash minidump (750.25 KB, application/vnd.tcpdump.pcap)
2024-05-03 03:19 UTC, Stéphane Guillou (stragu) 		Details
screencast (3.23 MB, video/webm)
2024-05-03 12:05 UTC, Stéphane Guillou (stragu) 		Details
gdb bt (10.67 KB, text/plain)
2024-05-04 10:42 UTC, Julien Nabet 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stéphane Guillou (stragu) 2024-05-03 03:19:44 UTC 
Created attachment 193945 [details]
crash minidump

Steps:
0. Use the tabbed UI with View > User Interface
1. Close LO completely
2. Open Writer
3. Very quickly click the right-hand-side hamburger/cog menu
4. Wait for the menu to open and the UI to finish loading
5. Click elsewhere to close the menu, e.g. on document canvas

Result: crash

I could only reproduce with the gtk3 VCL plugin. I couldn't reproduce in Draw or Calc.

Repro on Ubuntu 22.04 + GNOME 42.9 and:
Version: 24.8.0.0.alpha0+ (X86_64) / LibreOffice Community
Build ID: ce454f382d0d005dd3de021c7820be3ffa0bb582
CPU threads: 8; OS: Linux 6.5; UI render: default; VCL: gtk3
Locale: en-AU (en_AU.UTF-8); UI: en-US
Calc: CL threaded

- 24.2.2.2: https://crashreport.libreoffice.org/stats/crash_details/26fe3353-8f84-4907-99cc-6af5f8b9d29e
- 7.6.6.3 with signature "vcl::Window::GetWindowExtentsRelative(vcl::Window const*) const": https://crashreport.libreoffice.org/stats/crash_details/922a5571-00b2-4861-a68a-45dcfa454d04
- 7.3.0.3, as above: https://crashreport.libreoffice.org/stats/crash_details/60b9604c-0945-4b37-979a-f6859bd6298b
- 7.2.0.4 with signature "vcl::Window::ImplGetWindowExtentsRelative(vcl::Window const*) const": https://crashreport.libreoffice.org/stats/crash_details/9cbe59ad-02f3-4e3b-bf21-a0206c44f587
- 7.1.0.3 with signature "vcl::Window::ImplGetWindowExtentsRelative": https://crashreport.libreoffice.org/stats/crash_details/51ac6e2a-8d9b-4c5c-a2fe-c771c8b4c959
- 6.4.0.3, as above: https://crashreport.libreoffice.org/stats/crash_details/188c1ad4-9397-46de-aefd-39d9b1c6003e

Bibisected with linux-64-6.4 to first bad build [059faab4dd14e46b04bda51715362300da7f60ee] which points to:

commit 4ae5fe896e96d082e21788ae6d42a67133567ba7
author	Jim Raykowski 	Sat Nov 09 16:07:09 2019 -0900
committer	Xisco Faulí 	Mon Nov 11 11:04:56 2019 +0100
tdf#118526 Reload Notebookbar if read mode has switched
Reviewed-on: https://gerrit.libreoffice.org/82371

Jim, can you please have a look?
Comment 1 Julien Nabet 2024-05-03 08:57:13 UTC 
On pc Debian x86-64 with master sources updated today, I fail to reproduce, I supposed I missed something.
Would it be possible to have a screencast?

Also I don't understand why you put "critical" whereas:
- you put low importance
- it's tabbed UI (not the mainstream interface)
- since you indicated in 3) "Very quickly click", I suppose it's not easy to reproduce.
- gtk3 only (so Windows, macOS not concerned, idem for those using gen or kf5 rendering)
Comment 2 Stéphane Guillou (stragu) 2024-05-03 11:54:07 UTC 
(In reply to Julien Nabet from comment #1)
> On pc Debian x86-64 with master sources updated today, I fail to reproduce,
> I supposed I missed something.
> Would it be possible to have a screencast?
Will try.
> Also I don't understand why you put "critical" whereas:
> - you put low importance
> - it's tabbed UI (not the mainstream interface)
> - since you indicated in 3) "Very quickly click", I suppose it's not easy to
> reproduce.
> - gtk3 only (so Windows, macOS not concerned, idem for those using gen or
> kf5 rendering)
I get that it feels contradictory. Critical severity because it's a crash, as per [1], but low priority because of the reasons you listed. Always tricky to pick one, happy for others to tweak if they see fit.

[1]: https://wiki.documentfoundation.org/images/0/06/Prioritizing_Bugs_Flowchart.jpg
Comment 3 Stéphane Guillou (stragu) 2024-05-03 12:05:05 UTC 
Created attachment 193951 [details]
screencast

Same with Wayland and Xwayland windows.
Comment 4 Julien Nabet 2024-05-04 10:42:56 UTC 
Created attachment 193966 [details]
gdb bt

Thank you Stéphane for the screencast, I could reproduce this on pc Debian x86-64 with master sources updated today.
Comment 5 Julien Nabet 2024-05-04 11:32:02 UTC 
BTW, I also noticed this on console:
warn:vcl.builder:534767:534767:vcl/source/window/builder.cxx:3522: probably need to implement NotebookBarAddonsMenuMergePoint
Comment 6 Jim Raykowski 2024-05-04 17:27:20 UTC 
I haven't been able to repro the crash using recent master debug and non-debug builds.

Ubuntu 22.04.4 LTS
libgtk-3-0:amd64 3.24.33-1ubuntu2

I do see in the console:

warn:vcl.builder:534767:534767:vcl/source/window/builder.cxx:3522: probably need to implement NotebookBarAddonsMenuMergePoint
Comment 7 Jim Raykowski 2024-05-04 19:22:08 UTC 
(In reply to Stéphane Guillou (stragu) from comment #0)
> Bibisected with linux-64-6.4 to first bad build
> [059faab4dd14e46b04bda51715362300da7f60ee] which points to:
> 
> commit 4ae5fe896e96d082e21788ae6d42a67133567ba7
> author	Jim Raykowski 	Sat Nov 09 16:07:09 2019 -0900
> committer	Xisco Faulí 	Mon Nov 11 11:04:56 2019 +0100
> tdf#118526 Reload Notebookbar if read mode has switched
> Reviewed-on: https://gerrit.libreoffice.org/82371
> 
I think code from this patch was removed by:

commit 68c96a54fef93b9f735aeb6c9ae07171e934132a
Author: Jim Raykowski <raykowj@gmail.com>, Sat Apr 4 17:36:22 2020 -0800
Committer: Noel Grandin <noel.grandin@collabora.co.uk>, Sun Apr 5 21:35:37 2020 +0200
tdf#131209 reload the notebook bar
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/91702
Comment 8 Stéphane Guillou (stragu) 2024-05-08 09:36:19 UTC 
(In reply to Jim Raykowski from comment #7)
> (In reply to Stéphane Guillou (stragu) from comment #0)
> > Bibisected with linux-64-6.4 to first bad build
> > [059faab4dd14e46b04bda51715362300da7f60ee] which points to:
> > commit 4ae5fe896e96d082e21788ae6d42a67133567ba7
> I think code from this patch was removed by:
> commit 68c96a54fef93b9f735aeb6c9ae07171e934132a
But I can still crash it in the same way at 68c96a54fef93b9f735aeb6c9ae07171e934132a (build [d1a552fed0df01b81fa22d4bda5fbf2403a1421b] in linux-64-7.0 bibisect repo), 68c96a54~1, and a current daily build...