Bug 512088

Summary: Gwenview reproducably crashes due to xcf files
Product: [Applications] gwenview Reporter: Ellie <el>
Component: generalAssignee: Gwenview Bugs <gwenview-bugs-null>
Status: REPORTED ---    
Severity: crash CC: aacid, kdelibs-bugs-null, mircomir
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: postmarketOS   
OS: Linux   
URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/17782
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Ellie 2025-11-14 16:26:38 UTC 
SUMMARY

Gwenview reproducably crashes due to xcf files. You don't even need to open them up, they just need to be in the same folder:

Thread 7 "Thread (pooled)" received signal SIGSEGV, Segmentation fault.
[Switching to LWP 1015]
0x0000007ff5623b84 in QByteArray::replace(QByteArrayView, QByteArrayView) ()
   from /lib/libQt6Core.so.6
(gdb) bt
#0  0x0000007ff5623b84 in QByteArray::replace(QByteArrayView, QByteArrayView)
    () at /lib/libQt6Core.so.6
#1  0x0000007fe166ce44 in ??? ()
    at /usr/lib/qt6/plugins/imageformats/kimg_xcf.so
#2  0x0000007fe1675c80 in ??? ()
    at /usr/lib/qt6/plugins/imageformats/kimg_xcf.so
#3  0x0000007fe1675da4 in ??? ()
    at /usr/lib/qt6/plugins/imageformats/kimg_xcf.so
#4  0x0000007ff5b7dea8 in ??? () at /lib/libQt6Gui.so.6
#5  0x0000007ff5b7e55c in QImageReader::read() () at /lib/libQt6Gui.so.6
#6  0x0000007ff7da5808 in ??? () at /lib/libgwenviewlib.so.5
#7  0x0000007ff7da3574 in ??? () at /lib/libgwenviewlib.so.5
#8  0x0000007ff7da6208 in ??? () at /lib/libgwenviewlib.so.5
#9  0x0000007ff5701da8 in ??? () at /lib/libQt6Core.so.6
#10 0x0000007ff56f9db4 in ??? () at /lib/libQt6Core.so.6
#11 0x0000007ff7f9f900 in start (p=0x7fe0fff790)
    at src/thread/pthread_create.c:207
#12 0x0000007ff7f9dcf8 in __clone () at src/thread/aarch64/clone.s:29

STEPS TO REPRODUCE

1. Open .jpg file in a folder where there is also .xcf file, the .xcf may need to be the "next" file according to whatever sorting gwenview uses

OBSERVED RESULT

Crash

EXPECTED RESULT

No crash

SOFTWARE/OS VERSIONS

Windows: 
macOS: 
(available in the Info Center app, or by running `kinfo` in a terminal window)
Linux/KDE Plasma: pmOS Edge
KDE Plasma Version: 6.5.2
KDE Frameworks Version: 6.19.0
Qt Version: 6.9.3

ADDITIONAL INFORMATION
Comment 1 Mirco Miranda 2025-11-15 07:12:07 UTC 
Moved to Gwenview
Comment 2 Albert Astals Cid 2025-11-17 10:36:23 UTC 
Mirco: Why move it to gwenview?

It is crashing in imageformats/kimg_xcf.so
Comment 3 Albert Astals Cid 2025-11-17 10:36:59 UTC 
Ellie, can you share those xcf files?
Comment 4 Bug Janitor Service 2025-12-02 03:46:01 UTC 
๐Ÿ›๐Ÿงน โš ๏ธ This bug has been in NEEDSINFO status with no change for at least 15 days. Please provide the requested information, then set the bug status to REPORTED. If there is no change for at least 30 days, it will be automatically closed as RESOLVED WORKSFORME.

For more information about our bug triaging procedures, please read https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging.

Thank you for helping us make KDE software even better for everyone!
Comment 5 Ellie 2025-12-05 18:56:23 UTC 
I can trigger it with the attached gif turned into an .xcf:

~ $ gwenview Waiting\ For\ A\ Response\ Pedro\ Pascal.xcf 
kf.solid.backends.fstab: Failed to acquire watch file descriptor No file descriptors available
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/vnd.radiance"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-epson-erf"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-hasselblad-3fr"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-hasselblad-fff"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-leaf-mos"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-mamiya-mef"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-minolta-mdc"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-pfm"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-phaseone-iiq"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-phm"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-pxr"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-samsung-srw"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-sct"
org.kde.kdegraphics.gwenview.lib: Unresolved mime type  "image/x-sinar-sti"
org.kde.kdegraphics.gwenview.lib: Unresolved raw mime type  "image/x-samsung-srw"
Segmentation fault
~ $
Comment 6 Ellie 2025-12-05 18:59:06 UTC 
It's too large to attach, so I stored it here: horse64.org/temp/Waiting%20For%20A%20Response%20Pedro%20Pascal.xcf
Comment 7 Albert Astals Cid 2025-12-08 12:07:55 UTC 
I can open it just fine.

Which kimageformats version do you have?

Can you get us a nicer backtrace? https://community.kde.org/Guidelines_and_HOWTOs/Debugging/How_to_create_useful_crash_reports#Backtraces
Comment 8 Ellie 2025-12-08 12:21:16 UTC 
Sadly, it seems like Alpine doesn't package any kimageformats-dev and therefore likely doesn't ship the debugging symbols:

# apk search kimage
grub-2.12-r7
kimageannotator-0.7.1-r1
kimageannotator-dev-0.7.1-r1
kimageformats-6.13.0-r0
kimagemapeditor-25.04.2-r0
kimagemapeditor-doc-25.04.2-r0
kimagemapeditor-lang-25.04.2-r0
kquickimageeditor-0.5.1-r0
kquickimageeditor-dev-0.5.1-r0
kquickimageeditor5-0.3.0-r0
kquickimageeditor5-dev-0.3.0-r0
mtk-mkimage-1-r2
syslinux-6.04_pre1-r16
u-boot-tools-2025.04-r6
#

My best guess is, if this works for you on a GLIBC system, that the xcf decoder might be excessively using the stack, which could also be a potential security issue if the bounds of that depend on the input image. Alpine uses musl libc which uses a smaller stack by default, so suspiciously large stack activities tend to cause crashes.
Comment 9 Ellie 2025-12-08 12:22:40 UTC 
(I don't know if it's relevant, but GIMP itself has no issues opening this image.)
Comment 10 Albert Astals Cid 2025-12-08 12:26:38 UTC 
(In reply to Ellie from comment #9)
> (I don't know if it's relevant, but GIMP itself has no issues opening this
> image.)

It is not relevant because we are not GIMP.
Comment 11 Albert Astals Cid 2025-12-08 12:28:02 UTC 
If you can't provide better information and you are using an exotic system, I would suggest you go and report this crash in your exotic system bug tracker.
Comment 12 Ellie 2025-12-08 12:38:19 UTC 
Thank you for letting me know. I reported it here: https://gitlab.alpinelinux.org/alpine/aports/-/issues/17782 How common musl libc is I really don't know, but hopefully this will shed some light on what is going on.
Comment 13 Mirco Miranda 2025-12-08 14:03:38 UTC 
(In reply to Albert Astals Cid from comment #2)
> Mirco: Why move it to gwenview?

Because the report said there had to be a JPG file in the same folder to crash GwenView. 

Alpine Linux is part of our CIs and the plugin doesn't crash. I also tested the plugin (alone) on the systems I had available (Windows, BSD, and macOS) where different compilers are used (MSVC and Clang). I never managed to get it to crash. I was sure it wasn't a plugin issue.
Comment 14 Mirco Miranda 2025-12-08 14:06:27 UTC 
(In reply to Mirco Miranda from comment #13)

> Windows, BSD, and macOS

And of course also in Linux at work and at home.