QImage crash when reading some bmp files



  • The QImage will crash when reading the images of this link
    "crash images":http://www.sendspace.com/file/ureh9l

    @
    #include <QtCore>
    #include <QtGui>

    int main(int argc, char *argv[])
    {
    QString const prefix = "C:/Qt/crash_pictures/";
    QStringList name;
    name << "rgb32-111110.bmp" << "rgb32bf.bmp" << "rgba32.bmp";

    for(int i = 0; i != name.size(); ++i){
        qDebug() << name[i];
        QImage read(prefix + name[i]); //crash at here
        qDebug() << read.isNull(); //can't reach this line
        qDebug() << read.format();
    }
    
    return 0;
    

    }
    @

    I tried it on two versions of Qt
    Qt4.8, compiler is mingw4.6.2, 32bits
    Qt5.0, compiler is msvc2010 32bits

    OS : win7 64bits

    Any workaround to avoid the crash, thanks

    Is this a bug of QImage, or my fault?



  • I created code like this but no problem occurs.
    i use Ubuntu

    *but the slash in window paths like: / or
    i always user windows slash like this: c:\windows*

    @#include <QApplication>
    #include "widget.h"
    #include <QDebug>

    int main(int argc, char *argv[])
    {
    QApplication a(argc, argv);
    Widget w;
    QStringList name;
    QString const prefix = "/home/auda/Pictures/777/";
    name << "Selection_009.bmp" << "Selection_015.bmp" ;

       for(int i = 0; i != name.size(); ++i){
           qDebug() << name[i];
           QImage read(prefix + name[i]); //no problem
           qDebug() << read.isNull(); // work fine
           qDebug() << read.format();
       }
    w.show();
    
    return a.exec(&#41;;
    

    }
    @

    best wishes



  • Are you using the same images come from this link?
    "crash image download":http://www.sendspace.com/file/ureh9l

    Most of the bmp would not make the program crash, but some of
    them will crash it if you try to load it by QImage.



  • Anyone know how to solve this problem?
    Should I treat this as a bug and report it to bug tracker?



  • I traced it by GDB, these are the messages I got
    The program(alter a little bit)

    @
    #include <QtCore>
    #include <QtGui>

    int main(int argc, char *argv[])
    {
    QApplication a(argc, argv);

    QString const prefix   = "C:/Qt/crash_pictures/";
    QStringList name;
    name << "rgb32-111110.bmp" << "rgb32bf.bmp" << "rgba32.bmp";        
    
    for(int i = 0; i != name.size(); ++i){
        qDebug() << name[i];
        QImage read(prefix + name[i]); //crash at here
        qDebug() << read.isNull(); //can't reach this line
        qDebug() << read.format();
    }
    
    QLabel label;
    label.show();
    
    return a.exex();
    

    }
    @

    The call stack trace by GDB
    @
    0 read_dib_body qbmphandler.cpp 322 0x77af5a
    1 QBmpHandler::read qbmphandler.cpp 770 0x77c733
    2 QImageReader::read qimagereader.cpp 1205 0x75bd6f
    3 QImageReader::read qimagereader.cpp 1155 0x75b96c
    4 QImage::load qimage.cpp 5094 0x753fd3
    5 QImage::QImage qimage.cpp 995 0x748deb
    6 main main.cpp 66 0x401518

    @

    signal received after crashed

    @The inferior stop because it received a signal from the
    operating system.

    Signal name : SIGFPE
    Signal meaning : Arithmetic exception@

    Image with useful debug messages
    this picture show you which line cause the program crash
    "debug message":http://www.flickr.com/photos/92283971@N04/8386650746/in/photostream

    Anyone know how to solve it?

    compiler : mingw4.6.2
    Qt version : Qt4.8.4
    OS : win7 64bits



  • yes u r right.
    output:

    @"rgb32-111110.bmp"
    The program has unexpectedly finished.
    @

    why u not use anather programme to create images, may be it write images in wrong way...



  • So this may be some very unlikely coincidence, where "red_mask >> red_shift" is -1, so that line divides by zero. I guess the .bmp is broken, however, even a broken file shouldn't crash the image reader, it should at most abort the read process and return an invalid QImage. In this case it may even be handled more gracefully.
    However this comes at a price. The fastest you could probably do is C-Cast that upper expression to unsigned int, but this seems to be in a tight loop, so it would slow down the reader... crash safety is more important than performance though.
    Anyhow. File a bug in the Qt Bugtracker, as this clearly is one.

    This bug is a very similar problem:
    https://bugreports.qt-project.org/browse/QTBUG-7530
    And a comment might be made cross-referencing it.



  • bq. why u not use anather programme to create images, may be it write images in wrong way

    I use openCV to read the image, but some weird image
    will make the program crash too.By the way, I need QImage
    to show the image I read.

    bq. Anyhow. File a bug in the Qt Bugtracker, as this clearly is one.

    I filed it on this page
    https://bugreports.qt-project.org/browse/QTBUG-29194

    bq. So this may be some very unlikely coincidence, where “red_mask >> red_shift” is -1, so that line divides by zero.

    Maybe you are correct, I remembered that primer warn us
    better don't manipulate the bits of signed Integral types, and I
    don't know why they don't use size_t but int?

    Anyway, thanks for your help.



  • The guess actually is correct. The screenshot shows, that red_mask was -2097152 and red_shift 21.

    -2097152_d = 11000000000000000000000_b

    So shifting that 21 places to the right yields (via arithmetic shift due to the signedness of the operands)

    10000000000000000000001_b = -1_d


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.