Created attachment 178614 [details] sample file Steps to reproduce: 1. Open attached document 2. Select all 3 times 3. Copy 4. Paste 5. Undo Reproduced in Version: 7.4.0.0.alpha0+ / LibreOffice Community Build ID: c97a3592c78ce276a353f95ce68c70a8a39174a0 CPU threads: 8; OS: Linux 5.10; UI render: default; VCL: gtk3 Locale: es-ES (es_ES.UTF-8); UI: en-US Calc: threaded and Version: 6.4.0.0.alpha1+ Build ID: 9bc848cf0d301aa57eabcffa101a1cf87bad6470 CPU threads: 8; OS: Linux 5.10; UI render: default; VCL: gtk3; Locale: es-ES (es_ES.UTF-8); UI-Language: en-US Calc: threaded
Also reproduced in Version: 5.2.0.0.alpha0+ Build ID: 3ca42d8d51174010d5e8a32b96e9b4c0b3730a53 Threads 4; Ver: 5.10; Render: default; Locale: en-US (en_US.UTF-8)
Not reproduced in Version: 4.3.0.0.alpha1+ Build ID: c15927f20d4727c3b8de68497b6949e72f9e6e9e
I confirm it with Version: 7.3.1.3 (x64) / LibreOffice Community Build ID: a69ca51ded25f3eefd52d7bf9a5fad8c90b87951 CPU threads: 4; OS: Windows 10.0 Build 19044; UI render: Skia/Raster; VCL: win Locale: de-DE (de_DE); UI: en-GB Calc: CL https://crashreport.libreoffice.org/stats/crash_details/14829a4b-993f-43e8-82e7-cc8c65593f9b
This seems to have begun at the below commit. Adding Cc: to Michael Stahl ; Could you possibly take a look at this one? Thanks bibisect-50max$ 3551e5dfdb75ecca07f759422bda10d3a7117489 is the first bad commit commit 3551e5dfdb75ecca07f759422bda10d3a7117489 Author: Matthew Francis <mjay.francis@gmail.com> Date: Wed May 27 21:08:00 2015 +0800 source-hash-b24a15a0aaea310806259eaa20a7d509ce30e5c8 commit b24a15a0aaea310806259eaa20a7d509ce30e5c8 Author: Michael Stahl <mstahl@redhat.com> AuthorDate: Thu Apr 2 23:33:41 2015 +0200 Commit: Michael Stahl <mstahl@redhat.com> CommitDate: Thu Apr 2 23:53:30 2015 +0200 sw: fix crash on SwUndoDelete after select-all with table at start Somehow the Redo leaves the shell cursor at an invalid offset into the paragraph, which then leads to out-of-bounds string access. Noticed that SwUndRng::SetPaM() leaves an invalid nContent.m_nIndex on the start position, due to a surprising omission in SwIndex::ChgValue(). (regression from 555ff26501d1bbd8a7872c20671c6303db1e1701) Change-Id: I6e6ad7f70835d7e9d6da1fb680e2ae15469fad71
Assertion failed: (pTextNd), function UndoImpl, file undel.cxx, line 918. * thread #1, queue = 'com.apple.main-thread', stop reason = hit program assert frame #4: 0x0000000173e6a668 libswlo.dylib`SwUndoDelete::UndoImpl(this=0x0000600003ac9380, rContext=0x00007ff7bfefc130) at undel.cxx:918:13 915 lcl_ReAnchorAtContentFlyFrames(*rDoc.GetSpzFrameFormats(), aPos, nOldIdx); 916 pTextNd = aPos.nNode.GetNode().GetTextNode(); 917 } -> 918 assert(pTextNd); // else where does m_aEndStr come from? 919 if( pTextNd ) 920 { 921 OUString const ins( pTextNd->InsertText(*m_aEndStr, aPos.nContent,
Created attachment 180742 [details] Backtrace Attaching backtrace taken with LO 7.5.0.0.alpha0+ (3ad12672e924f7aef394119f9fe5f0b06a900b9e) debug build.
*** Bug 149500 has been marked as a duplicate of this bug. ***
*** Bug 147197 has been marked as a duplicate of this bug. ***
Un-Cc-ing Michael - this was fixing one obvious crash, has been in the code base for >7 years, and is in an area where you can't win really (~every change causing regressions). No cycles currently to address this.
No crash (but maybe some assert?) Version: 7.6.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: c4a58634753a84b09f20f7271d6525a6656522d3 CPU threads: 4; OS: Windows 6.3 Build 9600; UI render: Skia/Raster; VCL: win Locale: nl-NL (nl_NL); UI: en-US Calc: CL threaded
No crash with recent debug master build either: Version: 7.6.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 1b463f697405e64a03378fb38a32172c4d3c25e6 CPU threads: 8; OS: Linux 5.15; UI render: default; VCL: gtk3 Locale: en-AU (en_AU.UTF-8); UI: en-US Calc: threaded Closing as Works for me, but wouldn't mind another confirmation from someone who has reproduced in the past.