wechat_qrcode exception

[zhanglaplace]

System information (version)

• OpenCV => 4.2
• Operating System / Platform => Ubuntu16.04
• Compiler => g++

Detailed description

qrcode decode image get a Segmentation Fault received signal SIGSEGV, Segmentation fault. （double free or corruption (out)）

0 0x00005555555949db in zxing::UnicomBlock::Bfs(int, int) ()

1 0x0000555555594b09 in zxing::UnicomBlock::GetUnicomBlockIndex(int, int) ()

2 0x00005555555b684f in zxing::qrcode::FinderPatternFinder::find(zxing::DecodeHints const&, zxing::ErrorHandler&) ()

3 0x00005555555a1fd3 in zxing::qrcode::Detector::detect(zxing::DecodeHints const&, zxing::ErrorHandler&) ()

4 0x00005555555ba32d in zxing::qrcode::QRCodeReader::decodeMore(zxing::Ref, zxing::Ref, zxing::DecodeHints, zxing::ErrorHandler&) ()

5 0x00005555555bc7a1 in zxing::qrcode::QRCodeReader::decode(zxing::Ref, zxing::DecodeHints) ()

6 0x00005555555797e4 in cv::wechat_qrcode::DecoderMgr::Decode(zxing::Ref, zxing::DecodeHints) ()

7 0x0000555555579984 in cv::wechat_qrcode::DecoderMgr::TryDecode(zxing::Ref, zxing::Ref&) ()

8 0x0000555555579e37 in cv::wechat_qrcode::DecoderMgr::decodeImage(cv::Mat, bool, std::__cxx11::basic_string<char, std::char_traits, std::allocator >&) ()

Steps to reproduce

Issue submission checklist

• [ ] I report the issue, it's not a question
• [ ] I checked the problem with documentation, FAQ, open issues, answers.opencv.org, Stack Overflow, etc and have not found solution
• [ ] I updated to latest OpenCV version and the issue is still there
• [ ] There is reproducer code and related data files: videos, images, onnx, etc

[alalek]

Please provide complete minimal reproducer including used flags and input image

/cc @dddzg

[zhanglaplace]

@alalek decode will be failed when detect output boundingbox is big enough, such as 1024x1024;

[dddzg]

Could you please try some images and check whether it only happens for the image with a big bounding box?

[DoubleHeartLi]

I also have this problem, whether there is a solution or whether the reason has been found? thanks I use wechat_qrcode in iOS, the detailed description is the same as mine.

[MichaelHuyp]

same issue... Has the latest version been resolved?

[dddzg]

I am not clear about how to reimplement this bug. Did it only happen when the input image is large?

[Channingss]

I ran into a similar problem, and the stack of errors reported was almost the same 遇到类似的问题，报错的堆栈几乎一致。

[Channingss]

@alalek decode will be failed when detect output boundingbox is big enough, such as 1024x1024;

@zhanglaplace

When the boundingbox is too large, does the bug appear occasionally or must go wrong?

[MichaelHuyp]

My side is the daily scan code image that occasionally crashes. So far, I haven’t found the regularity of the crash image.

[MichaelHuyp]

崩溃标识 mach 崩溃类型 EXC_BAD_ACCESS (SIGSEGV) 崩溃子类型 KERN_INVALID_ADDRESS 崩溃地址 0x000000014541c000 崩溃诊断 Attempted to dereference garbage pointer 0x14541c000.Originated at or in a subcall of unknown, cannot find symbol It is a decode image executed in a multi-threaded environment, I don't know if it is related to thread safety

[wxyjevol]

the same issue.. i found that scan code when i cover the camera with hand is easier to happen. ps. my device is Huawei P20

在我的华为P20上用手半捂住摄像头扫描时比较容易出现

[alalek]

Use imwrite(.png) to save the last frame before crash. After that try to prepare complete minimal reproducer (including the image).

[Channingss]

@dddzg

When the hand is not completely covered, the above errors will occasionally occur.

it's strange, under the above circumstances, the QR code detection model will predict large bbox。

[Channingss]

@dddzg @alalek The assignment of vector is out of bounds, but I haven't found the reason. Please analyze the code based on this idea.

https://github.com/opencv/opencv_contrib/blob/8eec886808b1352cdb746772ef6e001ff83d2774/modules/wechat_qrcode/src/zxing/common/unicomblock.cpp#L110

[dddzg]

m_vcQueue is a vector, could we add a size check to avoid being out of the bound?

[Channingss]

@dddzg I tried to avoid that the index not exceed the size of the vector, which can avoid crashes, but I don’t know why the index will exceed the size of the vector.

[Channingss]

@dddzg When the hand is covered, there are too many unicomblock, which resulting in a large m_iNowIdx, but the data type isunsigned short, make data overflow to zero.

https://github.com/opencv/opencv_contrib/blob/8eec886808b1352cdb746772ef6e001ff83d2774/modules/wechat_qrcode/src/zxing/common/unicomblock.hpp#L35

and it will fall into an infinite loop: https://github.com/opencv/opencv_contrib/blob/8eec886808b1352cdb746772ef6e001ff83d2774/modules/wechat_qrcode/src/zxing/common/unicomblock.cpp#L103

[dddzg]

PR is welcomed! Thanks a lot.

[zhanglaplace]

@dddzg

When the hand is not completely covered, the above errors will occasionally occur.

it's strange, under the above circumstances, the QR code detection model will predict large bbox。

it seem qrcode detector predict much false positive bbox.

[dddzg]

Yes, it is reasonable. Because we will try to decode each detected QRcode.

[Channingss]

@dddzg The accuracy of the detection model is not enough, which is result of your consideration that the recall rate is higher than the accuracy rate?

PR is welcomed! Thanks a lot.

which branch i need to PR.

[dddzg]

From your custom new branch to OpenCV master branch. There are some examples that you can refer to: https://github.com/opencv/opencv_contrib/pulls?q=is%3Apr+is%3Aclosed+label%3A%22category%3A+wechat_qrcode%22

[Channingss]

@zhanglaplace @DoubleHeartLi

Does #2972 fix your crash?

[MichaelHuyp]

iphone unable to reimplement this bug when cover the camera with hand. Can only be modified to int and online observation

[Channingss]

iphone unable to reimplement this bug when cover the camera with hand. Can only be modified to int and online observation

Different mobile phone may not be able to reproduce the situation of covering the camera with your hand.