[Fedora] genesys: backend aborts when built with _GLIBCXX_ASSERTIONS
Hi,
genesys backend causes aborting of any application which calls it (simple-scan, xsane) with following backtrace (simple-scan):
/usr/include/c++/9/bits/stl_vector.h:1042: std::vector<_Tp, _Alloc>::reference std::vector<_Tp, _Alloc>::operator[](std::vector<_Tp, _Alloc>::size_type) [with _Tp = short unsigned int; _Alloc = std::allocator<short unsigned int>; std::vector<_Tp, _Alloc>::reference = short unsigned int&; std::vector<_Tp, _Alloc>::size_type = long unsigned int]: Assertion '__builtin_expect(__n < this->size(), true)' failed.
Aborted (core dumped)
Here is a stack trace:
/usr/include/c++/9/bits/stl_vector.h:1042: std::vector<_Tp, _Alloc>::reference std::vector<_Tp, _Alloc>::operator[](std::vector<_Tp, _Alloc>::size_type) [with _Tp = short unsigned int; _Alloc = std::allocator<short unsigned int>; std::vector<_Tp, _Alloc>::reference = short unsigned int&; std::vector<_Tp, _Alloc>::size_type = long unsigned int]: Assertion '__builtin_expect(__n < this->size(), true)' failed.
(gdb) ba
- 0 0x00007ffff6ea8e35 in raise () from /lib64/libc.so.6
- 1 0x00007ffff6e93895 in abort () from /lib64/libc.so.6
- 2 0x00007fffe50860c8 in std::__replacement_assert (__file=__file@entry=0x7fffe50eb3e0 "/usr/include/c++/9/bits/stl_vector.h", __line=__line@entry=1042, __function=__function@entry=0x7fffe50ec2f8 "std::vector<_Tp, _Alloc>::reference std::vector<_Tp, _Alloc>::operator[](std::vector<_Tp, _Alloc>::size_type) [with _Tp = short unsigned int; _Alloc = std::allocator<short unsigned int>; std::vector<_"..., __condition=__condition@entry=0x7fffe50eb290 "__builtin_expect(__n < this->size(), true)") at /usr/include/c++/9/x86_64-redhat-linux/bits/c++config.h:2533
- 3 0x00007fffe50e51af in std::vector<unsigned short, std::allocator<unsigned short> >::operator[] (__n=<optimized out>, this=<optimized out>) at /usr/include/c++/9/bits/stl_vector.h:1040
- 4 sanei_genesys_generate_gamma_buffer (dev=0x7fffdc093d70, sensor=..., bits=<optimized out>, max=65535, size=<optimized out>, gamma=0x7fffdc0a8930 "") at genesys_low.cc:1232
- 5 0x00007fffe50e54ae in sanei_genesys_send_gamma_table (dev=0x7fffdc093d70, sensor=...) at genesys_low.cc:1271
- 6 0x00007fffe507ecd2 in genesys_start_scan (lamp_off=0, dev=0x7fffdc093d70) at genesys.cc:3849
- 7 sane_start_impl (handle=0x7fffdc0c8ae0) at genesys.cc:7230
- 8 sane_start_impl (handle=0x7fffdc0c8ae0) at genesys.cc:7208
- 9 0x00007fffe508040e in <lambda()>::operator() (__closure=<optimized out>) at genesys.cc:7295
- 10 wrap_exceptions_to_status_code<sane_genesys_start(SANE_Handle)::<lambda()> > (func=0x7fffe50ee953 "sane_genesys_start", function=...) at genesys_error.h:165
- 11 sane_genesys_start (handle=<optimized out>) at genesys.cc:7293
- 12 0x000055555558b365 in ?? ()
- 13 0x00007ffff7dc54c2 in g_thread_proxy () from /lib64/libglib-2.0.so.0
- 14 0x00007ffff6de44c0 in start_thread () from /lib64/libpthread.so.0
- 15 0x00007ffff6f6d553 in clone () from /lib64/libc.so.6
It is caused by sane-backends being built with _GLIBCXX_ASSERTIONS , which should cause the abort when you index the empty vector or accessing non-existing index in vector. I'm not sure if it happens in sane-backends case, because the code seems correct in my opinion, but the result is users are not able to scan.
I'm trying to fix the issue in similar way as other projects did. I sent the build with proposed fix to users to verify in Fedora ticket since I do not have the required scanner model. But the mechanism can be even somewhere else in the code, so I'm filing the ticket beforehand.
Edited by Olaf Meeuwissen