Bug 851543

According to upstream report, issue is in the sane-backends...

Hrvoje Senjan,
in https://bugs.kde.org/show_bug.cgi?id=326700
Kåre Särs states "This is a driver (backend) problem"
but without any hint why - I guess because [KCrash Handler]
appears in the thread that calls the genesys_* functions
which belong to the genesys driver - and then Kåre Särs
basically redirects the reporter to SANE upstream
without analysis whether or not it is really the driver.

What indicates from my point of view that the issue could be in the driver
is that comment#0 reads "xsane and skanlite both segfault" - when two
different frontnds crash, the root cause is likely not in the frontends
but in a lower level - e.g. in the backend (driver).

But on the other hand what indicates that it is not in the driver
is that comment#0 reads "worked fine in early 13.1 milestones
as well as in opensuse 12.3" and we have the sane sane-backends
version 1.0.23 where in openSUSE 13.1 there is only one patch
for the avision driver that is not used here(genesys is used here).

To find out whether or not it is really in the driver:

Per Jessen,
does it work with the "scanimage" command?
If yes, the issue is not in the driver.
If not, please attach debugging information to this bug
as described in "Trouble-Shooting (Debugging)" at
http://en.opensuse.org/SDB:Configuring_Scanners

FYI:
If the issue is in the driver there is basically nothing what
we at openSUSE could do because we do not have such a scanner
(and without scanner one cannot reproduce scanner driver issues
because one cannot run the driver without a matching scanner)
which means we at openSUSE could also only redirect you
to report your issue to SANE upstream so that there is a direct
communication between you and the upstream authors.

(In reply to comment #2)

> Per Jessen,
> does it work with the "scanimage" command?

No, scanimage also segfaults.

> If yes, the issue is not in the driver.
> If not, please attach debugging information to this bug
> as described in "Trouble-Shooting (Debugging)" at
> http://en.opensuse.org/SDB:Configuring_Scanners

There seems to be four examples, which one would you like me to do? 
Let me know if you want a backtrace of any of {scanimage|skanlite|xsane}. xsane is what I've reverted to using on 12.3, works fine.

well, there is a array overrun in genesys_gl646.c:


  while (sensor_master[i].sensor != -1 && i < nb)

the array index should be checked before the array is indexed.

e.g. like this:
  while (i < nb && sensor_master[i].sensor != -1)


the same bad pattern appears more often in this file, all of them need to be fixed.

(that it triggers in 13.1 is probably due to compiler optimizing this differently.)

Please no backtrace of GUI frontends like skanlite or xsane.

But a backtrace of the plain scanimage command could help,
provided there is human-readable debug info therein,
see in particular the section "Install -debuginfo Packages" at
http://en.opensuse.org/openSUSE:Bugreport_application_crashed


I found
https://bugs.archlinux.org/task/35549
that reads:
-----------------------------------------------------------------------------
Run xsane, select a scanner (HP ScanJet 2400c) leave
the settings default and then press Scan.
The app crashes with "Segmentation Fault".
I run it with gdb and found the problems happens
in the libsane-genesys.so.1
...
BUT:
scanimage -d genesys --format tiff --mode Color --resolution=300 > image.tiff
works well!
-----------------------------------------------------------------------------

If it is actually the same issue it indicates that
the settings for scanning make a difference.

Per Jessen,
does
scanimage -d genesys --format tiff --mode Color --resolution=300 >image.tiff
also work for you?


Regarding the higher-level debugging output of SANE:

According to "man sane-genesys" that reads:
------------------------------------------------------------------------
              Example (full and highly verbose output for gl646):
              export SANE_DEBUG_GENESYS=255
              export SANE_DEBUG_GENESYS_LOW=255
              export SANE_DEBUG_GENESYS_GL646=255
------------------------------------------------------------------------
and according to
https://bugs.kde.org/show_bug.cgi?id=326700 that reads
------------------------------------------------------------------------
[KCrash Handler
 #6 gl646_setup_registers (...
------------------------------------------------------------------------
it seems the hp scanjet 2400 uses the specific GL646 code part
of the genesys driver.

Accordingly I think this one should be best:

export SANE_DEBUG_GENESYS=255
export SANE_DEBUG_GENESYS_LOW=255
export SANE_DEBUG_GENESYS_GL646=255
export SANE_DEBUG_SANEI_USB=128
scanimage -d genesys -v 2>/var/tmp/genesys_gl646.debug 1>/dev/null

Please attach such a /var/tmp/genesys_gl646.debug
as MIME type "text/plain" to this bug.

Marcus Meissner,
very many thanks for your fast analysis!

I will file an upstream bug report - if it is not yet fixed
in the newest released sane-backends 1.0.24 (compare bnc#851720).

Created attachment 568722 [details]
debug output

(In reply to comment #5)
> Per Jessen,
> does
> scanimage -d genesys --format tiff --mode Color --resolution=300 >image.tiff
> also work for you?

No, that also segfaults.

> Accordingly I think this one should be best:
> 
> export SANE_DEBUG_GENESYS=255
> export SANE_DEBUG_GENESYS_LOW=255
> export SANE_DEBUG_GENESYS_GL646=255
> export SANE_DEBUG_SANEI_USB=128
> scanimage -d genesys -v 2>/var/tmp/genesys_gl646.debug 1>/dev/null
> 
> Please attach such a /var/tmp/genesys_gl646.debug
> as MIME type "text/plain" to this bug.

Attached.

The issue here should be fixed in sane-backends version 1.0.24


sane-backends version 1.0.24 is now available
for various openSUSE versions for 32-bit i586
and 64-bit x86_64 platforms from the openSUSE build
service develoment project "graphics" for direct
binary RPM download from
http://download.opensuse.org/repositories/graphics/

Do not use "Factory" if your system is not "Factory".
Use the matching packages for your particular system.

The packages in the "graphics" development project
are only for testing, without any guarantee
or warranty, and without any support.
As an extreme example, this means if your
complete computer center crashes because
of those packages, it is only your problem.
On the other hand this does not mean that those
packages are known to be terrible broken but
they are not thoroughly tested so that any
unexpected issue can happen.


Per Jessen,
I assume you are a venturous openSUSE user
who likes to try out if sane-backends version 1.0.24
from the OBS "graphics" development project
actually fixes it for you (I cannot test it
because I do not have such a scanner model).
In this case please report whether or not it works for you.

(In reply to comment #8)
> Per Jessen,
> I assume you are a venturous openSUSE user who likes to try out if 
> sane-backends version 1.0.24 from the OBS "graphics" development project
> actually fixes it for you (I cannot test it because I do not have such a
> scanner model).
> In this case please report whether or not it works for you.

Hello Johannes

I've just now upgraded to sane-backends-1.0.24-106.1.x86_64.rpm, and scanning works again!  Cool, thank you very much.

Many thanks for your valuable feedback!

This is the matching upstream bug report:
https://alioth.debian.org/tracker/?group_id=30186&atid=410366&func=detail&aid=314293

FYI
regarding sane-backends version upgrade to 1.0.24 see also bnc#851720