[Mono-bugs] [Bug 569940] New: Mono crashes when using System.Drawing.Image.FromFile with a special TIF-File

bugzilla_noreply at novell.com bugzilla_noreply at novell.com
Tue Jan 12 06:45:56 EST 2010 

http://bugzilla.novell.com/show_bug.cgi?id=569940

http://bugzilla.novell.com/show_bug.cgi?id=569940#c0


           Summary: Mono crashes when using System.Drawing.Image.FromFile
                    with a special TIF-File
    Classification: Mono
           Product: Mono: Runtime
           Version: 2.6.x
          Platform: i686
        OS/Version: UNIX Other
            Status: NEW
          Severity: Critical
          Priority: P5 - None
         Component: misc
        AssignedTo: mono-bugs at lists.ximian.com
        ReportedBy: frank at puschin.de
         QAContact: mono-bugs at lists.ximian.com
          Found By: ---
           Blocker: ---


Created an attachment (id=336106)
 --> (http://bugzilla.novell.com/attachment.cgi?id=336106)
The image causing the Segmentation Fault

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.1.7)
Gecko/20091221 Firefox/3.5.7

With the attached TIF-File there is a Segmentation Fault with the
Image.FromFile method. I tried older Mono-version, too.

Reproducible: Always

Steps to Reproduce:
1. Use the System.Drawing.Image.FromFile method to open the attached TIF-File
2. Mono crashes
Actual Results:  
Segmentation Fault

Expected Results:  
Reading the image into memory.

Stacktrace:

  at (wrapper managed-to-native) System.Drawing.GDIPlus.GdipLoadImageFromFile
(string,intptr&) <0x00004>
  at (wrapper managed-to-native) System.Drawing.GDIPlus.GdipLoadImageFromFile
(string,intptr&) <0x00004>
  at System.Drawing.Image.FromFile (string,bool) <0x0004e>
  at System.Drawing.Image.FromFile (string) <0x00012>
  at ConsoleApplication1.Program.Main (string[]) <0x00022>
  at (wrapper runtime-invoke) <Module>.runtime_invoke_void_object
(object,intptr,intptr,intptr) <0x00043>

Native stacktrace:

        /opt/mono/bin/mono [0x80d8282]
        /opt/mono/bin/mono [0x8111f1b]
        [0xb7f6e410]
        /usr/lib/libgdiplus.so [0xb7348be1]
        /usr/lib/libgdiplus.so(GdipLoadImageFromFile+0x283) [0xb7327333]
        [0xb78a338c]
        [0xb78a2737]
        [0xb78a26d3]
        [0xb789c1cb]
        [0xb789c23c]
        /opt/mono/bin/mono [0x8063ae5]
        /opt/mono/bin/mono(mono_runtime_invoke+0x40) [0x81439f0]
        /opt/mono/bin/mono(mono_runtime_exec_main+0xe5) [0x8147285]
        /opt/mono/bin/mono(mono_runtime_run_main+0x16b) [0x81475fb]
        /opt/mono/bin/mono(mono_main+0x19a5) [0x80b7bc5]
        /opt/mono/bin/mono [0x805b9b1]
        /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb7d06775]
        /opt/mono/bin/mono [0x805b8e1]
Cannot access memory at address 0x0

Debug info from gdb:

[Thread debugging using libthread_db enabled]
[New Thread 0xb7cbc6f0 (LWP 19352)]
[New Thread 0xb74deb90 (LWP 19354)]
[New Thread 0xb7502b90 (LWP 19353)]
0xb7f6e430 in __kernel_vsyscall ()
  3 Thread 0xb7502b90 (LWP 19353)  0xb7f6e430 in __kernel_vsyscall ()
  2 Thread 0xb74deb90 (LWP 19354)  0xb7f6e430 in __kernel_vsyscall ()
  1 Thread 0xb7cbc6f0 (LWP 19352)  0xb7f6e430 in __kernel_vsyscall ()

Thread 3 (Thread 0xb7502b90 (LWP 19353)):
#0  0xb7f6e430 in __kernel_vsyscall ()
#1  0xb7e868f6 in nanosleep () from /lib/tls/i686/cmov/libpthread.so.0
#2  0x081d4338 in collection_thread (unused=0x0) at collection.c:34
#3  0xb7e7f4ff in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#4  0xb7dd449e in clone () from /lib/tls/i686/cmov/libc.so.6

Thread 2 (Thread 0xb74deb90 (LWP 19354)):
#0  0xb7f6e430 in __kernel_vsyscall ()
#1  0xb7e853f5 in sem_wait@@GLIBC_2.1 () from
/lib/tls/i686/cmov/libpthread.so.0
#2  0x0815a818 in finalizer_thread (unused=0x0) at gc.c:1022
#3  0x0811b1d7 in start_wrapper (data=0x9d58798) at threads.c:662
#4  0x081d34e6 in thread_start_routine (args=0x9d5a5dc) at wthreads.c:286
#5  0x081fc41b in GC_start_routine (arg=0x35f20) at pthread_support.c:1390
#6  0xb7e7f4ff in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#7  0xb7dd449e in clone () from /lib/tls/i686/cmov/libc.so.6

Thread 1 (Thread 0xb7cbc6f0 (LWP 19352)):
#0  0xb7f6e430 in __kernel_vsyscall ()
#1  0xb7dd0a87 in syscall () from /lib/tls/i686/cmov/libc.so.6
#2  0x08115142 in mono_runtime_syscall_fork () at mini-posix.c:556
#3  0x080d83c7 in mono_handle_native_sigsegv (signal=11, ctx=0xb7b7cd0c) at
mini-exceptions.c:1789
#4  0x08111f1b in mono_arch_handle_altstack_exception (sigctx=0xb7b7cd0c,
fault_addr=0x190, stack_ovf=0) at exceptions-x86.c:905
#5  <signal handler called>
#6  0xb70ba4fd in TIFFClose () from /usr/lib/libtiff.so.4
#7  0xb7348be1 in ?? () from /usr/lib/libgdiplus.so
#8  0xb7327333 in GdipLoadImageFromFile () from /usr/lib/libgdiplus.so
#9  0xb78a338c in ?? ()
#10 0xb78a2737 in ?? ()
#11 0xb78a26d3 in ?? ()
#12 0xb789c1cb in ?? ()
#13 0xb789c23c in ?? ()
#14 0x08063ae5 in mono_jit_runtime_invoke (method=0x9d421e4, obj=0x0,
params=0xbfd4d368, exc=0x0) at mini.c:4691
#15 0x081439f0 in mono_runtime_invoke (method=0x9d421e4, obj=0x0,
params=0xbfd4d368, exc=0x0) at object.c:2602
#16 0x08147285 in mono_runtime_exec_main (method=0x9d421e4, args=0x58fd0,
exc=0x0) at object.c:3543
#17 0x081475fb in mono_runtime_run_main (method=0x9d421e4, argc=0,
argv=0xbfd4d5d8, exc=0x0) at object.c:3317
#18 0x080b7bc5 in mono_main (argc=2, argv=0xbfd4d5d4) at driver.c:999
#19 0x0805b9b1 in main (argc=) at main.c:34
#0  0xb7f6e430 in __kernel_vsyscall ()

=================================================================
Got a SIGSEGV while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries
used by your application.
=================================================================

-- 
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.

More information about the mono-bugs mailing list