Created attachment 122214 [details] Test case Steps to reproduce: 1. Open the attached test case. 2. Click on the slide contents, and select the entire first three bullets and the first word of the fourth ("Qwer"). 3. Cut the text (with ctrl+x or with the toolbar icon). 4. Impress will crash. Reproduced with the LO in my distro: Version: 4.4.7.2 Build ID: 4.4.7.2-1.fc22 Locale: es_ES.UTF-8 Also in master: Version: 5.2.0.0.alpha0+ Build ID: b250f3ddd7d8a14746b4df1029b7cbf3ae86b1d1 CPU Threads: 4; OS Version: Linux 4.2; UI Render: default; Locale: en-US (es_ES.UTF-8)
If ran with gdb, this is the result of the crash: Program received signal SIGSEGV, Segmentation fault. 0x00007ffff618acbc in ParaPortion::IsInvalid (this=0x0) at /home/jaragunde/projects/libreoffice/core/editeng/source/editeng/editdoc.hxx:616 616 bool IsInvalid() const { return bInvalid; } (gdb) bt #0 0x00007ffff618acbc in ParaPortion::IsInvalid() const (this=0x0) at /home/jaragunde/projects/libreoffice/core/editeng/source/editeng/editdoc.hxx:616 #1 0x00007ffff62207cf in ImpEditView::DrawSelection(EditSelection, vcl::Region*, OutputDevice*) (this=0x57e6040, aTmpSel=..., pRegion=0x0, pTargetDevice= 0x1c45470) at /home/jaragunde/projects/libreoffice/core/editeng/source/editeng/impedit.cxx:231 #2 0x00007ffff626382e in ImpEditEngine::Paint(ImpEditView*, Rectangle const&, OutputDevice*, bool) (this=0x4d40490, pView=0x57e6040, rRect=..., pTargetDevice=0x0, bUseVirtDev=true) at /home/jaragunde/projects/libreoffice/core/editeng/source/editeng/impedit3.cxx:3845 #3 0x00007ffff6252709 in ImpEditEngine::UpdateViews(EditView*) (this=0x4d40490, pCurView=0x4b6b750) at /home/jaragunde/projects/libreoffice/core/editeng/source/editeng/impedit3.cxx:298 #4 0x00007ffff62655a7 in ImpEditEngine::SetCharStretching(unsigned short, unsigned short) (this=0x4d40490, nX=100, nY=100) at /home/jaragunde/projects/libreoffice/core/editeng/source/editeng/impedit3.cxx:4243 #5 0x00007ffff61c91b8 in EditEngine::SetGlobalCharStretching(unsigned short, unsigned short) (this=0x57ddda0, nX=100, nY=100)
If you reproduce the step two slightly differently, you will get an infinite loop instead of a crash; try selecting the first three bullets, not the fourth one. The program will get stuck and this message will be printed once and again in the console: warn:legacy.tools:8193:1:editeng/source/editeng/impedit.cxx:304: DrawSelection, Start >= End?
Hello, and thank you for bringing this issue to our attention. Sadly, I was unable to reproduce the described behaviour. I'll leave the report unchanged so someone else can try if they can reproduce it. -- Windows 10 Pro, Version 1511 (OS Build 10586.36) Version: 5.0.4.2 Build ID: 2b9802c1994aa0b7dc6079e128979269cf95bc78 Locale: de-DE (de_DE)
Bodhi Moksha Version: 5.2.0.0.alpha0+ Build ID: 182375f7a90ca53919fd2892f7856aee4d678dd0 CPU Threads: 2; OS Version: Linux 3.16; UI Render: default; Locale: en-US (en_US.UTF-8) No crash. @Jacobo - please test with a fresh profile: https://wiki.documentfoundation.org/UserProfile
Created attachment 122242 [details] bt with debug symbols On pc Debian x86-64 with master sources updated today (+dbgutil and build from scratch so brand new profile), I could reproduce this. I attached bt with symbols, I noticed these errors on console just before crash: warn:legacy.osl:4945:1:vcl/unx/generic/app/geninst.cxx:56: SalYieldMutex::release() called with zero count warn:sal.osl.mutex:4945:1:sal/osl/unx/mutex.cxx:139: pthread_mutex_unlock failed: Operation not permitted warn:legacy.tools:4945:1:editeng/source/editeng/editdoc.cxx:1227: Node out of range in Adjust(1) warn:legacy.tools:4945:1:editeng/source/editeng/impedit.cxx:239: Portion in Selection not found! Also, I could reproduce this with gtk3 and gtk but not with SAL_USE_VCLPLUGIN=gen
Caolan: thought you might be interested in this one since the crash is only reproduceable with gtk not with gen. However I must recognize that my last update is f4544d3c95bac8f3203235f8482ecb435545b887 and I know you've worked today on gtk part, so I'll give it a new try after having updated.
Created attachment 122260 [details] bt with debug symbols I still reproduce the crash with eea67332da825306abd3e49450850abb323eb91c
Caolán McNamara committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=ab5c427784fb72d52042b8122ffc5a0fd7108c6b Resolves: tdf#97375 use Invalidate in all modes It will be available in 5.2.0. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Caolán McNamara committed a patch related to this issue. It has been pushed to "libreoffice-5-1": http://cgit.freedesktop.org/libreoffice/core/commit/?id=c3f09ae629b349c52a4a7954e3017ceb8d7afeaf&h=libreoffice-5-1 Resolves: tdf#97375 use Invalidate in all modes It will be available in 5.1.1. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Caolán McNamara committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=c3224db8baa443253584954d1d54651c9d863304 Related: tdf#97375 a cut doesn't refresh the editview It will be available in 5.2.0. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Caolán McNamara committed a patch related to this issue. It has been pushed to "libreoffice-5-0": http://cgit.freedesktop.org/libreoffice/core/commit/?id=1b49e14c82af691fe1ec5aa5de8392350bce11a1&h=libreoffice-5-0 Resolves: tdf#97375 use Invalidate in all modes It will be available in 5.0.6. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Caolán McNamara committed a patch related to this issue. It has been pushed to "libreoffice-5-0-5": http://cgit.freedesktop.org/libreoffice/core/commit/?id=1d5a1f06c33bea1dd05fa6b03a02dce178578980&h=libreoffice-5-0-5 Resolves: tdf#97375 use Invalidate in all modes It will be available in 5.0.5. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Caolán McNamara committed a patch related to this issue. It has been pushed to "libreoffice-5-1": http://cgit.freedesktop.org/libreoffice/core/commit/?id=1b0fa861e469c018d77f8c61c95bdaeffc1b01a1&h=libreoffice-5-1 Related: tdf#97375 a cut doesn't refresh the editview It will be available in 5.1.1. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.