[Spectacle] [Bug 455362] New: Spectacle segmentation fault in libjasper after copying image to clipboard

[CUI Hao]

https://bugs.kde.org/show_bug.cgi?id=455362

            Bug ID: 455362
           Summary: Spectacle segmentation fault in libjasper after
                    copying image to clipboard
           Product: Spectacle
           Version: 22.04.2
          Platform: Archlinux Packages
                OS: Linux
            Status: REPORTED
          Severity: crash
          Priority: NOR
         Component: General
          Assignee: m...@baloneygeek.com
          Reporter: cuihao....@gmail.com
                CC: k...@david-redondo.de
  Target Milestone: ---

SUMMARY

Spectacle crashes with a segmentation fault in libjasper after copying image to
clipboard.

I think it's Qt's issue with latest libjasper library. See "ADDITIONAL
INFORMATION" for my debug attempts.

STEPS TO REPRODUCE
1. Open Spectacle
2. Take a screenshot
3. Copy Image to Clipboard and wait for a few seconds

OBSERVED RESULT
Spectacle crashes with segmentation fault. Sometimes it crashes Plasmashell
together.
Strangely, it doesn't crash immediate after clicking "Copy Image to Clipboard".
There is a few seconds before crashing and I can even paste the image
elsewhere.


EXPECTED RESULT
Spectacle doesn't crash.

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: Arch Linux
(available in About System)
KDE Plasma Version: 5.24.5
KDE Frameworks Version: 5.95.0
Qt Version: 5.15.4

ADDITIONAL INFORMATION

Backtrace in GDB:
```
#0  __pthread_kill_implementation (threadid=<optimized out>,
signo=signo@entry=11, no_tid=no_tid@entry=0) at pthread_kill.c:44
#1  0x00007f574b28e3d3 in __pthread_kill_internal (signo=11,
threadid=<optimized out>) at pthread_kill.c:78
#2  0x00007f574b23e838 in __GI_raise (sig=11) at ../sysdeps/posix/raise.c:26
#3  0x00007f574c675840 in KCrash::defaultCrashHandler (sig=11) at
/usr/src/debug/kcrash-5.95.0/src/kcrash.cpp:633
#4  <signal handler called>
#5  jas_stream_putc_func (stream=0x0, c=0) at
/usr/src/debug/jasper-version-3.0.4/src/libjasper/base/jas_stream.c:629
#6  0x00007f574467c989 in jp2_putuint32 (out=out@entry=0x0, val=val@entry=12)
at /usr/src/debug/jasper-version-3.0.4/src/libjasper/jp2/jp2_cod.c:762
#7  0x00007f574467e2e8 in jp2_box_put (box=box@entry=0x56057ff244d0,
out=out@entry=0x0) at
/usr/src/debug/jasper-version-3.0.4/src/libjasper/jp2/jp2_cod.c:565
#8  0x00007f574468054e in jp2_encode (image=0x560580044b90, out=0x0,
optstr=0x56057ff8c540 "") at
/usr/src/debug/jasper-version-3.0.4/src/libjasper/jp2/jp2_enc.c:146
#9  0x00007f5744703c82 in Jpeg2000JasperReader::write (quality=<optimized out>,
image=..., this=0x7fff1d7ef250)
    at
/usr/src/debug/qtimageformats/src/plugins/imageformats/jp2/qjp2handler.cpp:864
#10 QJp2Handler::write (this=<optimized out>, image=...) at
/usr/src/debug/qtimageformats/src/plugins/imageformats/jp2/qjp2handler.cpp:257
#11 0x00007f574c1b3628 in QImageWriter::write (image=..., this=0x7fff1d7ef3a8)
at image/qimagewriter.cpp:785
#12 QImageWriter::write (this=0x7fff1d7ef3a8, image=...) at
image/qimagewriter.cpp:753
#13 0x00007f574c1979d8 in QImage::save (quality=-1, format=<optimized out>,
device=0x7fff1d7ef410, this=0x7fff1d7ef420) at image/qimage.cpp:3758
#14 QImage::save (this=0x7fff1d7ef420, device=0x7fff1d7ef410, format=<optimized
out>, quality=-1) at image/qimage.cpp:3753
#15 0x00007f574c160727 in QInternalMimeData::renderDataHelper (mimeType=...,
data=data@entry=0x56057fd90990) at kernel/qinternalmimedata.cpp:228
#16 0x00007f57468e0984 in QXcbMime::mimeDataForAtom (connection=0x56057fa1ae60,
a=892, mimeData=0x56057fd90990, data=0x7fff1d7ef5e8, atomFormat=<optimized
out>, dataFormat=0x7fff1d7ef5dc)
    at /usr/src/debug/qtbase/src/plugins/platforms/xcb/qxcbmime.cpp:111
#17 0x00007f57468d45d4 in QXcbClipboard::sendSelection (property=710,
window=<optimized out>, target=892, d=0x56057fd90990, this=0x7f5740001600) at
./qxcbobject.h:53
#18 QXcbClipboard::handleSelectionRequest (req=0x5605800f9330,
this=0x7f5740001600) at
/usr/src/debug/qtbase/src/plugins/platforms/xcb/qxcbclipboard.cpp:631
#19 QXcbConnection::handleXcbEvent (this=<optimized out>, event=0x5605800f9330)
at /usr/src/debug/qtbase/src/plugins/platforms/xcb/qxcbconnection.cpp:637
#20 0x00007f57468d7960 in QXcbConnection::processXcbEvents
(this=0x56057fa1ae60, flags=...) at
/usr/src/debug/qtbase/src/plugins/platforms/xcb/qxcbconnection.cpp:1020
#21 0x00007f57468faf18 in xcbSourceDispatch (source=<optimized out>) at
/usr/src/debug/qtbase/src/plugins/platforms/xcb/qxcbeventdispatcher.cpp:103
#22 0x00007f5749b18c6b in g_main_dispatch (context=0x7f5740005010) at
../glib/glib/gmain.c:3417
#23 g_main_context_dispatch (context=0x7f5740005010) at
../glib/glib/gmain.c:4135
#24 0x00007f5749b6f001 in g_main_context_iterate.constprop.0
(context=context@entry=0x7f5740005010, block=block@entry=1,
dispatch=dispatch@entry=1, self=<optimized out>)
    at ../glib/glib/gmain.c:4211
#25 0x00007f5749b16392 in g_main_context_iteration (context=0x7f5740005010,
may_block=1) at ../glib/glib/gmain.c:4276
#26 0x00007f574bcd827c in QEventDispatcherGlib::processEvents
(this=0x56057fb38950, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#27 0x00007f574bc862ec in QEventLoop::exec (this=0x7fff1d7ef960, flags=...) at
../../include/QtCore/../../src/corelib/global/qflags.h:69
#28 0x00007f574bc90dd9 in QCoreApplication::exec () at
../../include/QtCore/../../src/corelib/global/qflags.h:121
#29 0x000056057dd6ea7c in main (argc=<optimized out>, argv=<optimized out>) at
/usr/src/debug/spectacle-22.04.2/src/Main.cpp:112
```

I set JAS_DEBUG_LEVEL to 100 and see  the following warnings:
```
$ JAS_DEBUG_LEVEL=100 spectacle
WARNING: YOUR CODE IS RELYING ON DEPRECATED FUNCTIONALITY IN THE JASPER
LIBRARY.  THIS FUNCTIONALITY WILL BE REMOVED IN THE NEAR FUTURE. PLEASE
FIX THIS PROBLEM BEFORE YOUR CODE STOPS WORKING.
deprecation warning: use of jas_init is deprecated
warning: The application program did not set the memory limit for the JasPer
library.
warning: The JasPer memory limit is being defaulted to a value that may be
inappropriate for the system.  If the default is too small, some reasonable
encoding/decoding operations will fail.  If the default is too large, security
vulnerabilities will result (e.g., decoding a malicious image could exhaust all
memory and crash the system.
warning: setting JasPer memory limit to 16687968256 bytes
requested memory size is too large (18446744073709551615)
23 -- exe=/usr/bin/spectacle
13 -- platform=xcb
11 -- display=:0
18 -- appname=spectacle
17 -- apppath=/usr/bin
10 -- signal=11
10 -- pid=18822
19 -- appversion=22.04.2
22 -- programname=Spectacle
31 -- bugaddress=sub...@bugs.kde.org
12 -- startupid=0
KCrash: crashing... crashRecursionCounter = 2
KCrash: Application Name = spectacle path = /usr/bin pid = 18822
KCrash: Arguments: /usr/bin/spectacle 
KCrash: Attempting to start /usr/lib/drkonqi
```

-- 
You are receiving this mail because:
You are watching all bug changes.