Plug-in crash on xmc export of 256px image
Environment/Versions
- GIMP version: GIMP_2_99_16-997-g1553f8b8
- Package: Compiled from source
- Operating System: Linux
Description of the bug
When testing export to different formats I got a message that my image was too wide to export to xmc:
Saving '/home/anders/File samples/Byastugan_1024.xmc' failed:
Frame 'Byastugan_1024.jpg' is too wide. Please reduce to no more than 256px.
Reducing the file size to 256x256 made that message go away, but a fatal error occurs instead, stack trace is shown and the plug-in crashes.
Further reducing the file size to 128*128 before exporting makes the fatal error go away and export succeeds, but now a warning about dimension is shown:
Your cursor was successfully exported but it contains one or more frames whose width or height is more than 64px, a historical max dimension value for X bitmap cursors.
It might be unsupported by some environments.
It seems that this warning is shown first when the export succeeds, so it wasn't shown when the plug-in crashed for the 256 px case.
256x256 example file that runs into this crash upon xmc export:
The plug-in also crashes on xmc export of 256x256 images in the stable Flatpak version 2.10.36.
Reproduction
Is the bug reproducible? Always
Reproduction steps:
- Open 256x256 px image
- File->Export as, choose X11 mouse cursor
- Click
Export
, and ClickExport
in the subsequent xmc export dialog as well. - Stack trace and plug-in crash occurs
…
Expected result: No plug-in crash or stack trace
Actual result: Plug-in crashes
Additional information
Stack trace on trying to export a 256x256 px image to xmc format in GIMP_2_99_16-997-g1553f8b8:
**
ERROR:../plug-ins/common/file-xmc.c:1572:save_image: assertion failed: (save_rgn.width * save_rgn.height < SQR (MAX_SAVE_DIMENSION))
Bail out! ERROR:../plug-ins/common/file-xmc.c:1572:save_image: assertion failed: (save_rgn.width * save_rgn.height < SQR (MAX_SAVE_DIMENSION))
/usr/local/lib/x86_64-linux-gnu/gimp/2.99/plug-ins/file-xmc/file-xmc: fatal error: Aborted
/usr/local/lib/x86_64-linux-gnu/gimp/2.99/plug-ins/file-xmc/file-xmc (pid:24859): [E]xit, show [S]tack trace or [P]roceed: s
26 ../sysdeps/unix/sysv/linux/read.c: No such file or directory.
Python Exception <class 'gdb.error'>: value requires 262144 bytes, which is more than max-value-size
# Stack traces obtained from PID 24859 - Thread 24859 #
[New LWP 24860]
[New LWP 24861]
[New LWP 24862]
[New LWP 24863]
[New LWP 24864]
[New LWP 24865]
[New LWP 24866]
[New LWP 24867]
[New LWP 24868]
[New LWP 24869]
[New LWP 24870]
[New LWP 24871]
[New LWP 24872]
[New LWP 24873]
[New LWP 24874]
[New LWP 24875]
[New LWP 24876]
[New LWP 24877]
[New LWP 24878]
[New LWP 24879]
[New LWP 24880]
[New LWP 24881]
[New LWP 24882]
[New LWP 24883]
[New LWP 24884]
[New LWP 24885]
[New LWP 24886]
[New LWP 24887]
[New LWP 24888]
[New LWP 24889]
[New LWP 24890]
[New LWP 24891]
[New LWP 24892]
[New LWP 24893]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
__GI___libc_read (nbytes=255, buf=0x7fff9bffea90, fd=15) at ../sysdeps/unix/sysv/linux/read.c:26
Id Target Id Frame
* 1 Thread 0x7f4d5d458e80 (LWP 24859) "file-xmc" __GI___libc_read (nbytes=255, buf=0x7fff9bffea90, fd=15) at ../sysdeps/unix/sysv/linux/read.c:26
2 Thread 0x7f4d5cc146c0 (LWP 24860) "pool-spawner" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
3 Thread 0x7f4d5c4136c0 (LWP 24861) "gmain" 0x00007f4d5e785a1f in __GI___poll (fds=0x55b056dcfba0, nfds=2, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
4 Thread 0x7f4d5bc126c0 (LWP 24862) "gdbus" 0x00007f4d5e785a1f in __GI___poll (fds=0x7f4d50000b90, nfds=3, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
5 Thread 0x7f4d5b07f6c0 (LWP 24863) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
6 Thread 0x7f4d5a87e6c0 (LWP 24864) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
7 Thread 0x7f4d5a07d6c0 (LWP 24865) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
8 Thread 0x7f4d5987c6c0 (LWP 24866) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
9 Thread 0x7f4d5907b6c0 (LWP 24867) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
10 Thread 0x7f4d5887a6c0 (LWP 24868) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
11 Thread 0x7f4d4bfff6c0 (LWP 24869) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
12 Thread 0x7f4d4b7fe6c0 (LWP 24870) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
13 Thread 0x7f4d4affd6c0 (LWP 24871) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
14 Thread 0x7f4d4a7fc6c0 (LWP 24872) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
15 Thread 0x7f4d49ffb6c0 (LWP 24873) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
16 Thread 0x7f4d497fa6c0 (LWP 24874) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
17 Thread 0x7f4d48ff96c0 (LWP 24875) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
18 Thread 0x7f4d2bfff6c0 (LWP 24876) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
19 Thread 0x7f4d2b7fe6c0 (LWP 24877) "worker" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
20 Thread 0x7f4d28bff6c0 (LWP 24878) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
21 Thread 0x7f4d289fe6c0 (LWP 24879) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
22 Thread 0x7f4d287fd6c0 (LWP 24880) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
23 Thread 0x7f4d285fc6c0 (LWP 24881) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
24 Thread 0x7f4d283fb6c0 (LWP 24882) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
25 Thread 0x7f4d0b3ff6c0 (LWP 24883) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
26 Thread 0x7f4d0b1fe6c0 (LWP 24884) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
27 Thread 0x7f4d0affd6c0 (LWP 24885) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
28 Thread 0x7f4d0adfc6c0 (LWP 24886) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
29 Thread 0x7f4d0abfb6c0 (LWP 24887) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
30 Thread 0x7f4d0a9fa6c0 (LWP 24888) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
31 Thread 0x7f4d0a7f96c0 (LWP 24889) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
32 Thread 0x7f4d0a5f86c0 (LWP 24890) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
33 Thread 0x7f4d0a3f76c0 (LWP 24891) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
34 Thread 0x7f4d0a1f66c0 (LWP 24892) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
35 Thread 0x7f4d09ff56c0 (LWP 24893) "file-xmc" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#0 __GI___libc_read (nbytes=255, buf=0x7fff9bffea90, fd=15) at ../sysdeps/unix/sysv/linux/read.c:26
sc_ret = -512
sc_cancel_oldtype = 0
sc_ret = <optimized out>
#1 __GI___libc_read (fd=15, buf=buf@entry=0x7fff9bffea90, nbytes=nbytes@entry=255) at ../sysdeps/unix/sysv/linux/read.c:24
#2 0x00007f4d5fa5dc8b in gimp_stack_trace_print (prog_name=prog_name@entry=0x7fff9c04225b "/usr/local/lib/x86_64-linux-gnu/gimp/2.99/plug-ins/file-xmc/file-xmc", stream=0x7f4d5e85e780 <_IO_2_1_stdout_>, trace=trace@entry=0x0) at ../libgimpbase/gimputils.c:1394
status = 959789108
stack_printed = 0
gtrace = 0x0
gimp_pid = "24859\000\000\0000\376\375V\260U\000"
buffer = "\220\f\033W\260U\000\000`\f\033W\260U\000\000\320\352\377\233\377\177\000\0001\321\262_M\177\000\000\001\000\000\000\000\000\000\000\023\001\000\000\000\000\000\000", '\n' <repeats 32 times>, '\000' <repeats 32 times>, "gimp/2.99/plug-ins/file-xmc/file", '\000' <repeats 32 times>, "how [S]tack trace or [P]"...
read_n = <optimized out>
sync_fd = {13, 14}
out_fd = {15, 16}
fork_pid = <optimized out>
pid = 24859
eintr_count = 0
tid = <optimized out>
#3 0x00007f4d5fa5e360 in gimp_stack_trace_query (prog_name=0x7fff9c04225b "/usr/local/lib/x86_64-linux-gnu/gimp/2.99/plug-ins/file-xmc/file-xmc") at ../libgimpbase/gimputils.c:1557
buf = "s\n", '\000' <repeats 13 times>
#4 0x00007f4d5fa95204 in gimp_plugin_sigfatal_handler (sig_num=<optimized out>) at ../libgimp/gimp.c:1039
sigset = {__val = {0, 0, 4841369599423283200, 139970276497081, 139970276481936, 140735810629760, 140735810629752, 19654658, 94215860785600, 103, 0, 0, 0, 0, 0, 0}}
#5 0x00007f4d5e6c6510 in <signal handler called> () at /lib/x86_64-linux-gnu/libc.so.6
#6 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
tid = <optimized out>
ret = 0
pd = <optimized out>
old_mask = {__val = {94215864069504}}
ret = <optimized out>
#7 0x00007f4d5e71415f in __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78
#8 0x00007f4d5e6c6472 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
ret = <optimized out>
#9 0x00007f4d5e6b04b2 in __GI_abort () at ./stdlib/abort.c:79
save_stage = 1
act = {__sigaction_handler = {sa_handler = 0x20, sa_sigaction = 0x20}, sa_mask = {__val = {94215863065104, 156, 139970278128997, 94214402605104, 140733193388032, 140735810633040, 10100327677773068800, 0, 10100327677773068800, 139970278356888, 18446744073709550472, 11, 139970278923680, 94215841227410, 140735810633168, 94215864336496}}, sa_flags = 1584537967, sa_restorer = 0x7f4d5eb87c58}
#10 0x00007f4d5eaebf18 in () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#11 0x00007f4d5eb52eae in g_assertion_message_expr () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#12 0x000055b055bf8400 in save_image (file=file@entry=0x55b056d9d6d0, image=<optimized out>, orig_image=orig_image@entry=0x55b056d9cee0, config=config@entry=0x55b056deee90, error=error@entry=0x7fff9c040008, drawables=<optimized out>, n_drawables=<optimized out>) at ../plug-ins/common/file-xmc.c:1572
drawable = <optimized out>
buffer = 0x55b057204070
format = 0x55b056e12c60
width = <optimized out>
height = <optimized out>
fp = 0x55b056f5a4a0
dimension_warn = 1
size_warn = 0
re = 0x55b056f5af40
commentsp = <optimized out>
imagesp = 0x55b056ed0770
layers = 0x55b056ffb260 = {0x55b056fa1e40}
orig_layers = <optimized out>
list = <optimized out>
orig_list = 0x55b0570171b0 = {0x55b056d9d520}
framename = 0x55b057030680 "Byastugan_256.jpg"
save_rgn = {x = 0, y = 0, width = 256, height = 256}
layer_xoffset = 0
layer_yoffset = 0
pixelbuf = #13 0x000055b055bf8de0 in xmc_save (procedure=0x55b056dea6b0, run_mode=GIMP_RUN_INTERACTIVE, image=<optimized out>, n_drawables=<optimized out>, drawables=<optimized out>, file=0x55b056d9d6d0, metadata=0x0, config=0x55b056deee90, run_data=0x0) at ../plug-ins/common/file-xmc.c:606
status = GIMP_PDB_SUCCESS
export = <optimized out>
orig_image = <optimized out>
hotspot_range = 0x55b056ea6830
hot_spot_x = 0
hot_spot_y = 0
error = 0x0
#14 0x00007f4d5faa942e in gimp_save_procedure_run (procedure=0x55b056dea6b0, args=<optimized out>) at ../libgimp/gimpsaveprocedure.c:406
plug_in = <optimized out>
save_proc = 0x55b056dea6b0
remaining = 0x55b056d9ce20
return_values = <optimized out>
config = 0x55b056deee90
run_mode = GIMP_RUN_INTERACTIVE
image = 0x55b056d9cee0
drawables = 0x55b056d9d610
file = 0x55b056d9d6d0
n_drawables = 1
metadata = 0x0
mimetype = 0x0
status = GIMP_PDB_EXECUTION_ERROR
__func__ = "gimp_save_procedure_run"
#15 0x00007f4d5faa4ad8 in _gimp_procedure_run_array (procedure=procedure@entry=0x55b056dea6b0, args=args@entry=0x55b056deb930) at ../libgimp/gimpprocedure.c:2047
return_vals = <optimized out>
error = 0x0
i = <optimized out>
__func__ = "_gimp_procedure_run_array"
#16 0x00007f4d5faa146e in gimp_plug_in_proc_run_internal (plug_in=plug_in@entry=0x55b056dc5540, proc_run=proc_run@entry=0x55b056de8c80, procedure=procedure@entry=0x55b056dea6b0, proc_return=proc_return@entry=0x7fff9c0401d0) at ../libgimp/gimpplugin.c:1413
arguments = 0x55b056deb930
return_values = 0x0
gettext_domain = 0x55b056deb930 "\017"
catalog_dir = 0x55b056deb910 "\260\246\336V\260U"
#17 0x00007f4d5faa1b16 in gimp_plug_in_proc_run (proc_run=0x55b056de8c80, plug_in=0x55b056dc5540) at ../libgimp/gimpplugin.c:1345
proc_return = {name = 0x0, n_params = 0, params = 0x0}
procedure = 0x55b056dea6b0
msg = {type = 5, data = 0x55b056de8c80}
__func__ = "_gimp_plug_in_run"
#18 gimp_plug_in_loop (plug_in=0x55b056dc5540) at ../libgimp/gimpplugin.c:1253
msg = {type = 5, data = 0x55b056de8c80}
__func__ = "_gimp_plug_in_run"
#19 _gimp_plug_in_run (plug_in=0x55b056dc5540) at ../libgimp/gimpplugin.c:844
__func__ = "_gimp_plug_in_run"
#20 0x00007f4d5fa95941 in gimp_main (plug_in_type=<optimized out>, argc=<optimized out>, argv=<optimized out>) at ../libgimp/gimp.c:536
read_channel = 0x55b056d9b580
write_channel = 0x55b056db4da0
basename = <optimized out>
protocol_version = <optimized out>
__func__ = "gimp_main"
#21 0x00007f4d5e6b16ca in __libc_start_call_main (main=main@entry=0x55b055bf6940 <main>, argc=argc@entry=7, argv=argv@entry=0x7fff9c040518) at ../sysdeps/nptl/libc_start_call_main.h:58
self = <optimized out>
result = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140735810897176, -3520536945365007016, 0, 140735810897240, 94215841238296, 139970294902784, 3520603543290463576, 3584362393551717720}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x7fff9c040518, 0x7fff9c040518}, data = {prev = 0x0, cleanup = 0x0, canceltype = -1677458152}}}
not_first_call = <optimized out>
#22 0x00007f4d5e6b1785 in __libc_start_main_impl (main=0x55b055bf6940 <main>, argc=7, argv=0x7fff9c040518, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff9c040508) at ../csu/libc-start.c:360
#23 0x000055b055bf6991 in _start ()
[Inferior 1 (process 24859) detached]