Created attachment 115029 [details] The problem document Please open the attachment then ctrl-end to go to the last character then press backspace. This will crash the Writer.
I can not reproduce with LO 4.4.2.2, win7
I can confirm with Version: 5.0.0.0.alpha1+ Build ID: badec7478035008f514e0976a94438fe2e32dc40 TinderBox: Linux-rpm_deb-x86_64@46-TDF, Branch:master, Time: 2015-04-22_01:28:24 LO 4.3.3 No crash with LibreOffice 3.5.0 Build ID: d6cde02 , regression
Created attachment 115036 [details] gdbtrace
commit 7e1458eeba4fb40a796b1318a034410a97b6b24b Author: Bjoern Michaelsen <bjoern.michaelsen@canonical.com> Date: Thu Oct 17 16:03:09 2013 +0000 source-hash-926275d07184d441b3bfa1ceca26c4c1f2bc61db commit 926275d07184d441b3bfa1ceca26c4c1f2bc61db Author: Tomaž Vajngerl <quikee@gmail.com> AuthorDate: Wed Jul 3 22:05:30 2013 +0200 Commit: Tomaž Vajngerl <quikee@gmail.com> CommitDate: Wed Jul 3 22:05:30 2013 +0200 Compiler error fixes in PolynomialRegressionCurveCalculator Change-Id: Ie78e10fea0b798fae5ce2cee96798bcc65bbccbe :100644 100644 01a521d81b05da62fc741f4064b361b8fc660907 66d8b904195e1d73dd269aa03bc111d2e66c9469 M ccache.log :100644 100644 8cac93c0ec3bcfc227282d1749f0cfdbd09d2f1b c69e50d0e426322517161edf3feff6f55ae114de M commitmsg :100644 100644 e4f1b8f0fa234364dce0bcb5cf8250b29f79554c a1de2224c5ad6b755aea158667df86c3ee2bbf88 M dev-install.log :100644 100644 fb93205802763858eb230d6dbff4d0a562b16671 cf5579f82b33e1dd85a0da6308b126647bd335d3 M make.log :040000 040000 d81597b06f640c259130c06a16e8b026acfc3867 27d70a3fd54fcc828456bf70a677f3652c744754 M opt # bad: [423a84c4f7068853974887d98442bc2a2d0cc91b] source-hash-c15927f20d4727c3b8de68497b6949e72f9e6e9e # good: [65fd30f5cb4cdd37995a33420ed8273c0a29bf00] source-hash-d6cde02dbce8c28c6af836e2dc1120f8a6ef9932 git bisect start 'latest' 'oldest' # good: [e02439a3d6297a1f5334fa558ddec5ef4212c574] source-hash-6b8393474974d2af7a2cb3c47b3d5c081b550bdb git bisect good e02439a3d6297a1f5334fa558ddec5ef4212c574 # bad: [4850941efe43ae800be5c76e1102ab80ac2c085d] source-hash-980a6e552502f02f12c15bfb1c9f8e6269499f4b git bisect bad 4850941efe43ae800be5c76e1102ab80ac2c085d # skip: [a043626b542eb8314218d7439534dce2fc325304] source-hash-9379a922c07df3cdb7d567cc88dfaaa39ead3681 git bisect skip a043626b542eb8314218d7439534dce2fc325304 # skip: [aba65c3e4c0df07e4909aeefb758cdb688242bf6] source-hash-827524abfb4b577d08276fde40929a9adfb7ff1a git bisect skip aba65c3e4c0df07e4909aeefb758cdb688242bf6 # skip: [aba65c3e4c0df07e4909aeefb758cdb688242bf6] source-hash-827524abfb4b577d08276fde40929a9adfb7ff1a git bisect skip aba65c3e4c0df07e4909aeefb758cdb688242bf6 # bad: [c81a8a0dcfc1ed095a80e4485c89dd0fcaf73f31] source-hash-c69ed33628ec0b7abf6296539cf280d6c4265930 git bisect bad c81a8a0dcfc1ed095a80e4485c89dd0fcaf73f31 # bad: [c81a8a0dcfc1ed095a80e4485c89dd0fcaf73f31] source-hash-c69ed33628ec0b7abf6296539cf280d6c4265930 git bisect bad c81a8a0dcfc1ed095a80e4485c89dd0fcaf73f31 # bad: [1d4980621741d3050a5fe61b247c157d769988f2] source-hash-89d01a7d8028ddb765e02c116d202a2435894217 git bisect bad 1d4980621741d3050a5fe61b247c157d769988f2 # bad: [ba096f438393091574da98fe7b8e6b05182a8971] source-hash-8499e78ca03c792f4fa2650e02b519094ba0baa8 git bisect bad ba096f438393091574da98fe7b8e6b05182a8971 # good: [9daa289e178460daaafa4b3911031df5b8736218] source-hash-704292996a3731a61339b1a4a5c90c9403aa095f git bisect good 9daa289e178460daaafa4b3911031df5b8736218 # bad: [34eab3946c46bb7273ba4ca395db9c4421dd232f] source-hash-e962805b31074d6b6a2ed0db6452769448337553 git bisect bad 34eab3946c46bb7273ba4ca395db9c4421dd232f # bad: [7f958321368b190c941b23cc219d62d0420415af] source-hash-b3f41543851e9985c6c7ba133c32753c9bc732c1 git bisect bad 7f958321368b190c941b23cc219d62d0420415af # bad: [7e1458eeba4fb40a796b1318a034410a97b6b24b] source-hash-926275d07184d441b3bfa1ceca26c4c1f2bc61db git bisect bad 7e1458eeba4fb40a796b1318a034410a97b6b24b # good: [bb5ad7a1787aa87f172ccc8ed1f5be8374184a8f] source-hash-6bf79576aeca243db553ed3b5eade492dc35337b git bisect good bb5ad7a1787aa87f172ccc8ed1f5be8374184a8f # good: [f558a584cdbd1eed10f886939a5cc2e86049b08c] source-hash-61db96daa87754af24355d7ac94ee0305f22ff87 git bisect good f558a584cdbd1eed10f886939a5cc2e86049b08c # first bad commit: [7e1458eeba4fb40a796b1318a034410a97b6b24b] source-hash-926275d07184d441b3bfa1ceca26c4c1f2bc61db
On pc Debian x86-64 with master sources updated today, I don't reproduce this.
Crashed. 5.0 said: soffice.bin: malloc.c:3689: _int_malloc: Assertion `(unsigned long) (size) >= (unsigned long) (nb)' failed. My master is not from today, though.. Ubuntu 15.04 64-bit Version: 4.4.2.2 Build ID: 40m0(Build:2) Locale: en_US Version: 5.0.0.0.alpha1+ Build ID: 0cd88d27ecd87c8c5791418bcac6ab1684ece74a TinderBox: Linux-rpm_deb-x86_64@46-TDF-dbg, Branch:master, Time: 2015-04-30_00:38:48 Locale: en_US.UTF-8
This seems to have begun at the below commit. Adding Cc: to khaledhosny@eglug.org; Could you possibly take a look at this one? Thanks commit 92ffe57f6bf40ec0f19e2abed24721137c569063 Author: Khaled Hosny <khaledhosny@eglug.org> Date: Sat Jun 15 14:24:21 2013 +0200 Don't shrink text from fallback fonts This code is bogus in multiple ways: * It scales text based on ascent or descent, but this makes no sense as those control line height and nothing else, if one is to scale two different fonts to \u201cfit\u201d together, cap or x height would be more appropriate. This results in some text being ridiculously shrunk. * Not only that, but it is comparing apples to oranges; original font ascent/descent with the bounding box of the fallback glyphs, which results in different scale ratios depending on the shape of the glyphs at hand, which leads to all sorts of funny and irregular text. * Even worse, the PDF export is completely broken in this case; it uses the scaled down glyph widths but the unscaled font size, resulting in cramped unreadable text.
That commit is two years old, and I can’t reproduce the crash with my 4.3 installation nor with (a few months old) master build. The crash does not seem to be in a code affected by this commit.
stack trace looks like a memory corruption can reproduce valgrind and ASAN warnings on master this is not a regression, the Thai break iterator was always doing this fixed on master
Michael Stahl committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=9db629b8a1fa9b63bc320f8d47594ec82511a9c5 tdf#90809: i18npool: fix crash in Thai break iterator It will be available in 5.0.0. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Michael Stahl committed a patch related to this issue. It has been pushed to "libreoffice-5-0": http://cgit.freedesktop.org/libreoffice/core/commit/?id=7f49a466e85b5f5866e6af28d84ed06697e49d20&h=libreoffice-5-0 tdf#90809: i18npool: fix crash in Thai break iterator It will be available in 5.0.0.0.beta2. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Michael Stahl committed a patch related to this issue. It has been pushed to "libreoffice-4-4": http://cgit.freedesktop.org/libreoffice/core/commit/?id=668e6353f4597b81ebfd153b6197831dac50d398&h=libreoffice-4-4 tdf#90809: i18npool: fix crash in Thai break iterator It will be available in 4.4.4. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Migrating Whiteboard tags to Keywords: (bibisected) [NinjaEdit]