I found an easily reproducible crash in LibreOffice Impress. Reproducer: - create a new impress document - click cancel in the template selection dialog - type the following in a textbox: x<return><return>y - press cursor-left - press shift + cursor-left to select the linebreak / paragraph - open the format - char dialog and watch LibreOffice crashing This is reproducable in (at least) 6.0.0.0 alpha0+ and 5.4.1.2
Thanks for reporting this issue. Reproduced in - Version: 6.0.0.0.alpha1+ Build ID: 6070dec9ca9a15587a2aece81f9ae1ab5ac0f8c4 CPU threads: 4; OS: Linux 4.10; UI render: default; VCL: gtk3; Locale: ca-ES (ca_ES.UTF-8); Calc: group - Version: 5.2.0.0.alpha1+ Build ID: 5b168b3fa568e48e795234dc5fa454bf24c9805e CPU Threads: 4; OS Version: Linux 4.8; UI Render: default; Locale: ca-ES (ca_ES.UTF-8) - Version: 4.3.0.0.alpha1+ Build ID: c15927f20d4727c3b8de68497b6949e72f9e6e9e - Version 4.1.0.0.alpha0+ (Build ID: efca6f15609322f62a35619619a6d5fe5c9bd5a) but not in - LibreOffice 3.3.0 OOO330m19 (Build:6) tag libreoffice-3.3.0.4
Created attachment 137538 [details] gdb backtrace
Regression introduced in range https://cgit.freedesktop.org/libreoffice/core/log/?qt=range&q=64ab96cd15e52da88781e720d6f031dbcd0ba902..683928f27cb34fcfaf071fde5c308848ab3b4786
Regression introduced by: author Michael Stahl <mstahl@redhat.com> 2012-10-14 19:10:38 (GMT) committer Michael Stahl <mstahl@redhat.com> 2012-10-14 19:14:25 (GMT) commit 3d1f4649ee72dd85e1d994ac2bdccc3147830bbd (patch) tree c74d2babd65a26f364db5e0262fff2c1c2f28c55 parent 86b6bf6e53c234e3df951ebb08513b0d4fc47a14 (diff) FontPrevWin_Impl::CheckScript(): assert that there is text: If there is no preview text here then aTextWidth will have no entries and we crash when writing to the non-existing first element. aText should come from the current SfxViewShell, from the font name (unless that is ambiguous, e.g. a selection of text with multiple fonts), or the Window text (Window::GetText(), whatever that is). Adding Cc: to Michael Stahl
Michael: as you may have seen, I put you in cc for reviewing https://gerrit.libreoffice.org/#/c/44513/ (let's increase the importance of the bugtracker since it's a crash + regression)
*** Bug 113940 has been marked as a duplicate of this bug. ***
Julien Nabet committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=3f289fef2f2b00dcca4948dd9fb2ba2c493fac6f tdf#113657: fix crash when trying to format empty paragraph It will be available in 6.0.0. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Let's put this one to FIXED For 5.4, the patch is on gerrit: https://gerrit.libreoffice.org/#/c/45151/
Julien Nabet committed a patch related to this issue. It has been pushed to "libreoffice-5-4": http://cgit.freedesktop.org/libreoffice/core/commit/?id=479719b1f53cb5f44bbcc57e75dad1aae604cd20&h=libreoffice-5-4 tdf#113657: fix crash when trying to format empty paragraph It will be available in 5.4.4. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.