Created attachment 201170 [details] File which crashes Writer with certain settings Here we have an odt file which would crash LibreOffice Writer when opening it. After some testing, we found that the condition that would crash LibreOffice Writer was: * Disable Skia (Uncheck Tools - Options - LibreOffice - View - Graphics Output - Use Skia for all rendering, "Skia is currently disabled." shown.) * Change user interface mode to Tabbed (View - User Interface - UI variants, selected Tabbed) Then open the attached file. It would crash. If the UI interface is switched to Standard Toolbar, it would not crash. But changing it to Tabbed while the attached file is opened would immediately crash it. The earliest version affected is 7.6.0.0 beta1+: Version: 7.6.0.0.beta1 (X86_64) / LibreOffice Community Build ID: be55b15d98c5f059483845a183fcb5ea8023d27c CPU threads: 8; OS: Windows 10.0 Build 19045; UI render: default; VCL: win Locale: zh-TW (zh_TW); UI: zh-TW Calc: threaded When I tested it with 7.6.0.0.alpha1+, the attached file can be opened successfully. Version: 7.6.0.0.alpha1 (X86_64) / LibreOffice Community Build ID: 9366f83c88fc93d40ea0c0035508f24ad5dcb144 CPU threads: 8; OS: Windows 10.0 Build 19045; UI render: default; VCL: win Locale: zh-TW (zh_TW); UI: zh-TW Calc: threaded Versions before this, such as 7.5.* this file can be opened without problem. So far we haven't found another file that would trigger this bug. However this attached file would always trigger it.
I can also reproduce this crash. Here are the SAL_LOG="+INFO.sw.ww8+WARN" debug logs generated from our downstream fork(based on libo 2.4.x): ``` info:vcl.virdev:8892:1768:vcl/source/gdi/virdev.cxx:211: VirtualDevice::VirtualDevice( 0, -1, 2 ) info:vcl.virdev:8892:1768:vcl/source/gdi/virdev.cxx:129: ImplInitVirDev(0,0) info:vcl.virdev:8892:1768:vcl/source/gdi/virdev.cxx:260: VirtualDevice::InnerImplSetOutputSizePixel( 100, 30, 1 ) warn:vcl:8892:1768:vcl/win/gdi/salvd.cxx:68: CreateDIBSection failed: 參數錯誤(Invalid parameter)。 info:vcl.gdi.fontmetric:8892:1768:vcl/source/outdev/font.cxx:217: OutputDevice::GetFontMetric:{name="Tahoma",size=(11,24),ascent=24,descent=5,intLeading=5,extLeading=0,lineHeight=29,slant=0} info:i18nlangtag:8892:1768:i18nlangtag/source/languagetag/languagetag.cxx:761: LanguageTag::registerImpl: 38070 calls ...stripped... info:i18nlangtag:8892:1768:i18nlangtag/source/languagetag/languagetag.cxx:774: LanguageTag::registerImpl: 7171 system calls info:vcl.virdev:8892:1768:vcl/source/gdi/virdev.cxx:211: VirtualDevice::VirtualDevice( 0, -1, 2 ) info:vcl.virdev:8892:1768:vcl/source/gdi/virdev.cxx:129: ImplInitVirDev(0,0) warn:vcl:8892:1768:vcl/win/gdi/salvd.cxx:99: CreateCompatibleDC failed: 參數錯誤(Invalid parameter)。 warn:vcl.schedule:8892:1768:vcl/source/app/scheduler.cxx:489: Uncaught com.sun.star.uno.RuntimeException message: "Could not create system bitmap!" ``` Will try to reproduce it in the upstream development snapshot.
Result of bibisect: $ git bisect good e3c7294b054427aa266eb1fa69dfbd047205980d is the first bad commit commit e3c7294b054427aa266eb1fa69dfbd047205980d Author: Norbert Thiebaud <nthiebaud@gmail.com> Date: Sat Jun 3 10:52:45 2023 -0700 source 5ad502af9cf3d49457082a12d36f8159b6c4ca11 source 5ad502af9cf3d49457082a12d36f8159b6c4ca11 instdir/program/setup.ini | 2 +- instdir/program/svxcorelo.dll | Bin 8930304 -> 8933376 bytes instdir/program/version.ini | 2 +- 3 files changed, 2 insertions(+), 2 deletions(-)
No crash, neither with tabbed or tabbed compact. Version: 25.2.4.2 (X86_64) / LibreOffice Community Build ID: 508ff62361999404a9d3590fe47df713b5888744 CPU threads: 16; OS: Windows 11 X86_64 (10.0 build 26100); UI render: default; VCL: win Locale: en-US (es_ES); UI: en-US Calc: CL threaded Perhaps specific to the regional settings.
Confirmed with STR. Attaching WinDbg stack trace of crash LO in MUFFIN NB Tabbed UI with "non-Skia" default GDI+ rendering active, and HA also unchecked. Version: 25.2.4.2 (X86_64) / LibreOffice Community Build ID: 508ff62361999404a9d3590fe47df713b5888744 CPU threads: 28; OS: Windows 11 X86_64 (10.0 build 26100); UI render: default; VCL: win Locale: en-US (en_US); UI: en-US Calc: CL threaded
Created attachment 201174 [details] WinDbg ST crash on opening WinDbg ST taken on crash after opening Win11 (24H2) with LO set to MUFFIN NB Tabbed UI with Tools -> Options -> View skia rendering disabled, and 'Use hardware acceleration' unchecked. Same system with skia rendering (Vulkan or forced software raster framing) opens this MODA ODF app generated Writer document without issue.
(In reply to m_a_riosv from comment #3) > No crash, neither with tabbed or tabbed compact. Could you please verify whether Skia is disabled under Tools > Options > LibreOffice > View? This crash will not be reproduced without it.
Interestingly, when I open with recent master against 25.8.0 also set to non-skia default vcl GDI+ rendering, no longer have crash. Noticed these builds have had substantial changes to the LO scheduler.cxx since the 25.2 branch. Is the timeout issue already resolved? =-testing-= Version: 25.8.0.0.alpha1+ (X86_64) / LibreOffice Community Build ID: ca6b1677cc3d923f0c13b2253b48a0ea90485b41 CPU threads: 28; OS: Windows 11 X86_64 (build 26100); UI render: default; VCL: win Locale: en-US (en_US); UI: en-US Calc: CL threaded
(In reply to V Stuart Foote from comment #7) > > Noticed these builds have had substantial changes to the LO scheduler.cxx > since the 25.2 branch. Is the timeout issue already resolved? I think Mike K's guard work in https://gerrit.libreoffice.org/c/core/+/164753 may have done some good here as well.
(In reply to V Stuart Foote from comment #7) (In reply to V Stuart Foote from comment #8) Sorry, that was incorrect. Issue remains and still will crash with testdoc attachment 201170 [details] on recent master when in non-Skia default vcl rendering *in the MUFFIN NB Tabbed UI*
This is simply exceeding the 10000 GDI handles limit; it creates thousands of bitmaps for the cache, and in no-skia case, they use GDI.
But wow, more than 3000 styles (in total) in the document, quite impressive!
(In reply to Mike Kaganski from comment #10) > This is simply exceeding the 10000 GDI handles limit; it creates thousands > of bitmaps for the cache, and in no-skia case, they use GDI. Thanks for the information! (In reply to Mike Kaganski from comment #11) > But wow, more than 3000 styles (in total) in the document, quite impressive! ROFL Not sure how it turned out that way, but again, thanks for the info!
(In reply to 林博仁(Buo-ren Lin) from comment #12) > (In reply to Mike Kaganski from comment #10) > > This is simply exceeding the 10000 GDI handles limit; it creates thousands > > of bitmaps for the cache, and in no-skia case, they use GDI. > > Thanks for the information! > > (In reply to Mike Kaganski from comment #11) > > But wow, more than 3000 styles (in total) in the document, quite impressive! > > ROFL > Not sure how it turned out that way, but again, thanks for the info! Usually, in our experience, this file might be generated using other applications and converted into ODF file. If the odt file is directly generated by LibreOffice or its derivatives it would usually be pretty simple.
We need to change StylePreviewCache to use bitmaps instead of virtual devices; that would decrease the resource consumption. Additionally, that would improve performance at least on Windows, because the end result is converted to bitmaps anyway - see SalInstanceIconView::insert. I don't know if that would affect Qt and/or gtk negatively - they use different code. It may be that we need two different implementations of the cache.
(In reply to Mike Kaganski from comment #14) > We need to change StylePreviewCache to use bitmaps instead of virtual > devices; that would decrease the resource consumption. Additionally, that Something like https://gerrit.libreoffice.org/c/core/+/186333 ?
Noel Grandin committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/8899ae01feb9b9088372d76a6d0562397174c89c tdf#166932 use BitmapEx in preview style cache instead of VirtualDevice It will be available in 26.2.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Noel Grandin committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/41ce88c0dc01211e2cc319890a069d04360c76eb tdf#166932 no need to use GlobalAlloc in BitmapEx It will be available in 26.2.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Noel Grandin committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/7359e9c742d35c999eb9add524052887805e7b26 tdf#166932 avoid O(n^2) loop in UpdateStylesList It will be available in 26.2.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Noel Grandin committed a patch related to this issue. It has been pushed to "libreoffice-25-8": https://git.libreoffice.org/core/commit/087b82633eaa393cbe2bad55783af3894f85425f tdf#166932 no need to use GlobalAlloc in BitmapEx It will be available in 25.8.0.0.beta2. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Noel Grandin committed a patch related to this issue. It has been pushed to "libreoffice-25-8": https://git.libreoffice.org/core/commit/25f007984f91393dbc34adbd2bf59d8b4bae490a tdf#166932 use BitmapEx in preview style cache instead of VirtualDevice It will be available in 25.8.0.0.beta2. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
I can confirm that this issue is no longer reproduced on the daily build. Thanks!
Noel Grandin committed a patch related to this issue. It has been pushed to "libreoffice-25-8": https://git.libreoffice.org/core/commit/5f68287bc551d9bde7c5039180fa75d180ea0287 tdf#166932 avoid O(n^2) loop in UpdateStylesList It will be available in 25.8.0.0.beta2. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Noel Grandin committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/7920c94ed85c648bc301e1d32171ffa20d056083 tdf#166932 UpdateStylesList followup It will be available in 26.2.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Noel Grandin committed a patch related to this issue. It has been pushed to "libreoffice-25-8": https://git.libreoffice.org/core/commit/8f4850a1a66b0f658cf23d46e1fc107d4d56cbba tdf#166932 UpdateStylesList followup It will be available in 25.8.0.0.beta2. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.