Description: When copy-pasting a selection that begins with a table and also includes text outside the table, undoing the paste removes more than what was pasted. It usually also removes the preceding paragraph. This easily leads to a crash if you continue to undo. Steps to Reproduce: I have attached a document to more easily repro the fault (the messed up undo). But to produce a crash it is easiest to do the steps in a new document. 1. Create a new document. 2. Insert a default 2x2 table. 3. Insert a single paragraph of text below. 4. (this is the state of the attached document) 5. Select the entire document content (use Ctrl-A Ctrl-A, be sure to select the entire document, not just the table) 6. Copy with Ctrl-C. 7. Position the cursor at the end of the document. 8. Paste with Ctrl-V. 9. Undo with Ctrl-Z. 10. Observe that the undo also removed the original paragraph of text, in addition to what was pasted. 11. If you started with a new document, then undo one more time to trigger a crash. Actual Results: Crash with: soffice.bin: /home/dhashe/Code/libreoffice-core/sal/rtl/strtmpl.hxx:888: void rtl::str::newFromSubString(rtl_tString**, const rtl_tString*, sal_Int32, sal_Int32) [with rtl_tString = _rtl_uString; sal_Int32 = int]: Assertion `false' failed. Unspecified Application Error After the undo, an extra paragraph of text was removed that was not part of what was pasted. Expected Results: No crash. The undo removes only that which was pasted, and nothing else. Reproducible: Always User Profile Reset: No Additional Info: This issue is not present on my Linux distro's LibreOffice, which is 7.3.7.2 and 1:7.3.7-0ubuntu0.22.04.10 I observed it on recent master with my HEAD at 6fec895e2b2d54e8f7c6398ef7e90145c1ca7559 Probably this is something that can be bisected? Here is the output from "Help - About LibreOffice" for my build from master: Version: 26.2.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 0874146565167d072cf1134f8cc93e08247d71ac CPU threads: 8; OS: Linux 6.8; UI render: default; VCL: gtk3 Locale: en-US (en_US.UTF-8); UI: en-US Calc: threaded
Created attachment 203980 [details] Minimal document to reproduce
Created attachment 203981 [details] Stacktrace from crash Adding a stacktrace. I doubt that it is that useful in this case; we care much more about why the extra content was removed during the undo than why that eventually caused LO to crash.
Hello David, Thank you for reporting the bug. I can confirm that the bug is present in Version: 26.2.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 620(Build:0) CPU threads: 32; OS: Windows 11 X86_64 (build 26100); UI render: Skia/Vulkan; VCL: win Locale: en-US (en_US); UI: en-US Calc: CL threaded Version: 25.8.2.2 (X86_64) Build ID: d401f2107ccab8f924a8e2df40f573aab7605b6f CPU threads: 32; OS: Windows 11 X86_64 (build 26100); UI render: Skia/Vulkan; VCL: win Locale: en-US (en_US); UI: en-US Calc: CL threaded
Hi David Hashe, Thank you for reporting the bug. I attempted to reproduce this issue, but my results differed somewhat from your description. Using the minimal sample document, when I copied and pasted the contents multiple times and then undid the paste, only the table was deleted, not the paragraph. I repeated this several times and occasionally observed that the paragraph disappeared instead of the table. I suspect the inconsistencies may be related to if there was a line space between each paste or not Tested using: Version: 25.8.3.2 (X86_64) Build ID: 8ca8d55c161d602844f5428fa4b58097424e324e CPU threads: 8; OS: Windows 10 X86_64 (build 19045); UI render: Skia/Vulkan; VCL: win Locale: en-US (en_US); UI: en-US Calc: CL threaded Version: 26.2.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 620(Build:0) CPU threads: 8; OS: Windows 10 X86_64 (build 19045); UI render: Skia/Vulkan; VCL: win Locale: en-US (en_US); UI: en-US Calc: CL threaded
(In reply to David Hashe from comment #0) > soffice.bin: /home/dhashe/Code/libreoffice-core/sal/rtl/strtmpl.hxx:888: > void rtl::str::newFromSubString(rtl_tString**, const rtl_tString*, > sal_Int32, sal_Int32) [with rtl_tString = _rtl_uString; sal_Int32 = int]: > Assertion `false' failed. > Unspecified Application Error This is an assertion in a debug build. Yet jcline in comment 3 said he could reproduce the crash even in non-debug builds. jcline: is this true? I could repro with a debug build, but not with a non-debug build when doing the steps from scratch. The full output is: soffice.bin: /home/user/libreoffice/sal/rtl/strtmpl.hxx:888: void rtl::str::newFromSubString(rtl_tString**, const rtl_tString*, sal_Int32, sal_Int32) [with rtl_tString = _rtl_uString; sal_Int32 = int]: Assertion `false' failed. soffice.bin: /home/user/libreoffice/include/o3tl/string_view.hxx:522: sal_uInt32 o3tl::iterateCodePoints(std::u16string_view, T*, sal_Int32) [with T = int; sal_uInt32 = unsigned int; std::u16string_view = std::basic_string_view<char16_t>; sal_Int32 = int]: Assertion `n <= string.length()' failed. The assertion was added in fa0c012d6c06e9a92093dacf997fe3151272648e We don't have bibisect repositories with debug builds.
Well ackshually, it *does* crash, if you *close the entire LibreOffice* after doing the steps from comment 0 Bibisected the crash upon exit with linux-64-7.6 to 4b6b9411e4ac912817dd804782ad2054bc0d1660 sw floattable, crashtesting: fix PDF export of fdo72790-1.docx, part 4