Bug 25606 - Mono crashed on creating Bitmap instance
Summary: Mono crashed on creating Bitmap instance
Status: RESOLVED NOT_REPRODUCIBLE
Alias: None
Product: Runtime
Classification: Mono
Component: Interop ()
Version: 3.2.x
Hardware: PC Linux
: --- normal
Target Milestone: ---
Assignee: Bugzilla
URL:
Depends on:
Blocks:
 
Reported: 2014-12-24 08:32 UTC by Mikhail
Modified: 2017-07-12 23:08 UTC (History)
5 users (show)

Tags:
Is this bug a regression?: ---
Last known good build:

Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.


Please create a new report on GitHub or Developer Community with your current version information, steps to reproduce, and relevant error messages or log files if you are hitting an issue that looks similar to this resolved bug and you do not yet see a matching new report.

Related Links:
Status:
RESOLVED NOT_REPRODUCIBLE

Description Mikhail 2014-12-24 08:32:25 UTC
I'm using Mono JIT compiler version 3.2.8 (Debian 3.2.8+dfsg-4ubuntu1).

My C# code:
using (var mem = new MemoryStream(bytesArray))
{
    using (var image = new Bitmap(mem))
    {
        return image.GetHashCode() == -1;
    }
}

It works in most of cases. But on some specific bytesArray it crashed on "var image = new Bitmap(mem)" line. Is it a mono problem?

Here is a crash message:
------------------------------------------------------------------------------------------
Stacktrace:
Native stacktrace:

        mono() [0x4b73d8]
        mono() [0x50f13b]
        mono() [0x423d22]
        /lib/x86_64-linux-gnu/libpthread.so.0(+0x10340) [0x7f62c1ed1340]
        /usr/lib/libgdiplus.so.0(+0x415ca) [0x7f629fdda5ca]
        /usr/lib/libgdiplus.so.0(GdipLoadImageFromDelegate_linux+0x1ab) [0x7f629fdc09bb]
        [0x41188192]

Debug info from gdb:

Could not attach to process.  If your uid matches the uid of the target
process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
again as the root user.  For more details, see /etc/sysctl.d/10-ptrace.conf
ptrace: Operation not permitted.
No threads.

=================================================================
Got a SIGSEGV while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries
used by your application.
=================================================================

Aborted
------------------------------------------------------------------------------------------
Comment 1 Mikhail 2014-12-24 08:40:06 UTC
Debug info from gdb:

[New LWP 21262]
[New LWP 21255]
[New LWP 21239]
[New LWP 21235]
[New LWP 21234]
[New LWP 21233]
[New LWP 21232]
[New LWP 21231]
[New LWP 21230]
[New LWP 21229]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
0x00007f266c77c3bd in read () at ../sysdeps/unix/syscall-template.S:81
81      ../sysdeps/unix/syscall-template.S: No such file or directory.
  Id   Target Id         Frame
  11   Thread 0x7f2669edf700 (LWP 21229) "mono" sem_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_wait.S:85
  10   Thread 0x7f266906f700 (LWP 21230) "mono" pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
  9    Thread 0x7f2668e6e700 (LWP 21231) "mono" 0x00007f266c77cee9 in __libc_waitpid (pid=pid@entry=21266, stat_loc=stat_loc@entry=0x7f266d22831c, options=options@entry=0) at ../sysdeps/unix/sysv/linux/waitpid.c:40
  8    Thread 0x7f2668c6d700 (LWP 21232) "mono" pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
  7    Thread 0x7f2668a16700 (LWP 21233) "mono" 0x00007f266c4a2593 in epoll_wait () at ../sysdeps/unix/syscall-template.S:81
  6    Thread 0x7f26689d5700 (LWP 21234) "mono" sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
  5    Thread 0x7f2668994700 (LWP 21235) "mono" 0x00007f266c77cb9d in nanosleep () at ../sysdeps/unix/syscall-template.S:81
  4    Thread 0x7f266833f700 (LWP 21239) "mono" pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:238
  3    Thread 0x7f264b355700 (LWP 21255) "mono" sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
  2    Thread 0x7f2668752700 (LWP 21262) "mono" sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
* 1    Thread 0x7f266d2b07c0 (LWP 21228) "mono" 0x00007f266c77c3bd in read () at ../sysdeps/unix/syscall-template.S:81

Thread 11 (Thread 0x7f2669edf700 (LWP 21229)):
#0  sem_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_wait.S:85
#1  0x000000000062f667 in mono_sem_wait (sem=sem@entry=0x982440 <finalizer_sem>, alertable=alertable@entry=1) at mono-semaphore.c:119
#2  0x00000000005aba15 in finalizer_thread (unused=unused@entry=0x0) at gc.c:1073
#3  0x000000000058e34b in start_wrapper_internal (data=0x1361570) at threads.c:643
#4  start_wrapper (data=0x1361570) at threads.c:688
#5  0x000000000062410d in thread_start_routine (args=args@entry=0x12dce38) at wthreads.c:294
#6  0x0000000000633ef5 in inner_start_thread (arg=0x13613f0) at mono-threads-posix.c:49
#7  0x00007f266c775182 in start_thread (arg=0x7f2669edf700) at pthread_create.c:312
#8  0x00007f266c4a1efd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 10 (Thread 0x7f266906f700 (LWP 21230)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x000000000060da1b in _wapi_handle_timedwait_signal_handle (handle=0x400, timeout=timeout@entry=0x0, alertable=alertable@entry=1, poll=poll@entry=0) at handles.c:1588
#2  0x000000000060da55 in _wapi_handle_wait_signal (poll=poll@entry=0) at handles.c:1521
#3  0x0000000000621c09 in WaitForMultipleObjectsEx (numobjects=numobjects@entry=2, handles=handles@entry=0x7f266906e3a0, waitall=waitall@entry=0, timeout=timeout@entry=4294967295, alertable=alertable@entry=1) at wait.c:668
#4  0x000000000058d88d in mono_wait_uninterrupted (thread=thread@entry=0x7f266a0c2068, multiple=multiple@entry=1, numhandles=numhandles@entry=2, handles=handles@entry=0x7f266906e3a0, waitall=waitall@entry=0, ms=ms@entry=-1, alertable=1) at threads.c:1453
#5  0x000000000058f558 in ves_icall_System_Threading_WaitHandle_WaitAny_internal (mono_handles=<optimized out>, ms=-1, exitContext=<optimized out>) at threads.c:1551
#6  0x0000000041234a79 in ?? ()
#7  0x00007f265c002540 in ?? ()
#8  0x0000000000000001 in ?? ()
#9  0x0000000000000000 in ?? ()

Thread 9 (Thread 0x7f2668e6e700 (LWP 21231)):
#0  0x00007f266c77cee9 in __libc_waitpid (pid=pid@entry=21266, stat_loc=stat_loc@entry=0x7f266d22831c, options=options@entry=0) at ../sysdeps/unix/sysv/linux/waitpid.c:40
#1  0x00000000004b7465 in mono_handle_native_sigsegv (signal=signal@entry=11, ctx=ctx@entry=0x7f266d228c40) at mini-exceptions.c:2299
#2  0x000000000050f13b in mono_arch_handle_altstack_exception (sigctx=sigctx@entry=0x7f266d228c40, fault_addr=<optimized out>, stack_ovf=stack_ovf@entry=0) at exceptions-amd64.c:908
#3  0x0000000000423d22 in mono_sigsegv_signal_handler (_dummy=11, info=0x7f266d228d70, context=0x7f266d228c40) at mini.c:6769
#4  <signal handler called>
#5  0x00007f264a7da5ca in ?? () from /usr/lib/libgdiplus.so.0
#6  0x00007f264a7c09bb in GdipLoadImageFromDelegate_linux () from /usr/lib/libgdiplus.so.0
#7  0x000000004180a252 in ?? ()
#8  0x00007f2668e6d1a0 in ?? ()
#9  0x0000000041f1b348 in ?? ()
#10 0x00007f266d180420 in ?? ()
#11 0x00007f266d180040 in ?? ()
#12 0x00007f266d180120 in ?? ()
#13 0x00007f266d180240 in ?? ()
#14 0x00007f266d180320 in ?? ()
#15 0x00007f266bec7ae0 in ?? ()
#16 0x00007f266bec7a78 in ?? ()
#17 0x00007f2660002540 in ?? ()
#18 0x00007f266be234a8 in ?? ()
#19 0x00007f266be234a8 in ?? ()
#20 0x00007f2668e6d140 in ?? ()
#21 0x00007f2668e6d0b0 in ?? ()
#22 0x00007f2669fd2a40 in ?? ()
#23 0x00007f266be22fe0 in ?? ()
#24 0x00007f266bec79e8 in ?? ()
#25 0x00007f266bec7a18 in ?? ()
#26 0x00007f2668e6d1d0 in ?? ()
#27 0x0000000041220b68 in ?? ()
#28 0x00007f2668e6d1a0 in ?? ()
#29 0x00007f266bec79e8 in ?? ()
#30 0x00007f266bec7a18 in ?? ()
#31 0x00007f266bec7c18 in ?? ()
#32 0x00007f266bec7a78 in ?? ()
#33 0x00007f266bec7ae0 in ?? ()
#34 0x00007f266bec7b48 in ?? ()
#35 0x00007f266bec7bb0 in ?? ()
#36 0x00007f266bec6320 in ?? ()
#37 0x00000000005b5594 in mono_object_new_alloc_specific (vtable=0x7f266bec7b48) at object.c:4457
#38 0x00007f266be22fe0 in ?? ()
#39 0x00007f266bec79e8 in ?? ()
#40 0x00007f266bec6320 in ?? ()
#41 0x00007f2668e6d3d0 in ?? ()
#42 0x0000000041220954 in ?? ()
#43 0x00007f266bec79e8 in ?? ()
#44 0x00007f266bec6320 in ?? ()
#45 0x00007f2660002540 in ?? ()
#46 0x0000000041220910 in ?? ()
#47 0x00007f266bec79e8 in ?? ()
#48 0x00007f266bec6320 in ?? ()
#49 0x00007f2668e6d1f0 in ?? ()
#50 0x00000000412208bc in ?? ()
#51 0x00007f266be7e6c0 in ?? ()
#52 0x00007f266a040178 in ?? ()
#53 0x00007f266a040178 in ?? ()
#54 0x00000000409ae98c in ?? ()
#55 0x00007f2668e6d190 in ?? ()
#56 0x00007f266be212c0 in ?? ()
#57 0x0000000000000001 in ?? ()
#58 0x0000000000000000 in ?? ()

Thread 8 (Thread 0x7f2668c6d700 (LWP 21232)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x000000000060da1b in _wapi_handle_timedwait_signal_handle (handle=handle@entry=0x414, timeout=timeout@entry=0x0, alertable=alertable@entry=1, poll=poll@entry=0) at handles.c:1588
#2  0x000000000060da8b in _wapi_handle_wait_signal_handle (handle=handle@entry=0x414, alertable=alertable@entry=1) at handles.c:1533
#3  0x00000000006211cd in WaitForSingleObjectEx (handle=0x414, timeout=timeout@entry=4294967295, alertable=alertable@entry=1) at wait.c:196
#4  0x000000000058d8ef in mono_wait_uninterrupted (thread=thread@entry=0x7f266a0c2338, multiple=multiple@entry=0, numhandles=numhandles@entry=1, handles=handles@entry=0x7f2668c6c668, waitall=waitall@entry=0, ms=ms@entry=-1, alertable=1) at threads.c:1455
#5  0x000000000058f6b6 in ves_icall_System_Threading_WaitHandle_WaitOne_internal (this=<optimized out>, handle=0x414, ms=-1, exitContext=<optimized out>) at threads.c:1587
#6  0x0000000041f739f8 in ?? ()
#7  0x00007f2654002540 in ?? ()
#8  0x00007f266bf132e0 in ?? ()
#9  0x00007f265c0025c0 in ?? ()
#10 0x00007f2668c6c730 in ?? ()
#11 0x00007f2668c6c6a0 in ?? ()
#12 0x0000000000000000 in ?? ()

Thread 7 (Thread 0x7f2668a16700 (LWP 21233)):
#0  0x00007f266c4a2593 in epoll_wait () at ../sysdeps/unix/syscall-template.S:81
#1  0x0000000000591c2b in tp_epoll_wait (p=p@entry=0x9821e0 <socket_io_data>) at ../../mono/metadata/tpool-epoll.c:118
#2  0x000000000058e34b in start_wrapper_internal (data=0x7f265c06a0a0) at threads.c:643
#3  start_wrapper (data=0x7f265c06a0a0) at threads.c:688
#4  0x000000000062410d in thread_start_routine (args=args@entry=0x12ddb80) at wthreads.c:294
#5  0x0000000000633ef5 in inner_start_thread (arg=0x7f265c06f010) at mono-threads-posix.c:49
#6  0x00007f266c775182 in start_thread (arg=0x7f2668a16700) at pthread_create.c:312
#7  0x00007f266c4a1efd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 6 (Thread 0x7f26689d5700 (LWP 21234)):
#0  sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
#1  0x000000000062f74b in mono_sem_timedwait (sem=sem@entry=0x982088 <async_io_tp+40>, timeout_ms=timeout_ms@entry=2000, alertable=alertable@entry=1) at mono-semaphore.c:82
#2  0x0000000000594002 in async_invoke_thread (data=0x0, data@entry=0x982060 <async_io_tp>) at threadpool.c:1565
#3  0x000000000058e34b in start_wrapper_internal (data=0x7f265c06e7b0) at threads.c:643
#4  start_wrapper (data=0x7f265c06e7b0) at threads.c:688
#5  0x000000000062410d in thread_start_routine (args=args@entry=0x12ddd10) at wthreads.c:294
#6  0x0000000000633ef5 in inner_start_thread (arg=0x7f265c069ff0) at mono-threads-posix.c:49
#7  0x00007f266c775182 in start_thread (arg=0x7f26689d5700) at pthread_create.c:312
#8  0x00007f266c4a1efd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 5 (Thread 0x7f2668994700 (LWP 21235)):
#0  0x00007f266c77cb9d in nanosleep () at ../sysdeps/unix/syscall-template.S:81
#1  0x000000000062342b in SleepEx (ms=ms@entry=500, alertable=alertable@entry=1) at wthreads.c:842
#2  0x00000000005914f3 in monitor_thread (unused=unused@entry=0x0) at threadpool.c:779
#3  0x000000000058e34b in start_wrapper_internal (data=0x7f264c0130e0) at threads.c:643
#4  start_wrapper (data=0x7f264c0130e0) at threads.c:688
#5  0x000000000062410d in thread_start_routine (args=args@entry=0x12ddf68) at wthreads.c:294
#6  0x0000000000633ef5 in inner_start_thread (arg=0x7f264c013ad0) at mono-threads-posix.c:49
#7  0x00007f266c775182 in start_thread (arg=0x7f2668994700) at pthread_create.c:312
#8  0x00007f266c4a1efd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 4 (Thread 0x7f266833f700 (LWP 21239)):
#0  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:238
#1  0x000000000060d80b in _wapi_handle_timedwait_signal_handle (handle=handle@entry=0x437, timeout=timeout@entry=0x7f266833e7f0, alertable=alertable@entry=1, poll=poll@entry=0) at handles.c:1586
#2  0x0000000000620fd9 in WaitForSingleObjectEx (handle=0x437, timeout=timeout@entry=59999, alertable=alertable@entry=1) at wait.c:198
#3  0x000000000058d8ef in mono_wait_uninterrupted (thread=thread@entry=0x7f266a0c39b8, multiple=multiple@entry=0, numhandles=numhandles@entry=1, handles=handles@entry=0x7f266833e8e8, waitall=waitall@entry=0, ms=ms@entry=59999, alertable=1) at threads.c:1455
#4  0x000000000058f6b6 in ves_icall_System_Threading_WaitHandle_WaitOne_internal (this=<optimized out>, handle=0x437, ms=59999, exitContext=<optimized out>) at threads.c:1587
#5  0x0000000041f739f8 in ?? ()
#6  0x00007f2650004610 in ?? ()
#7  0x00007f266bc381d0 in ?? ()
#8  0x0000000000000001 in ?? ()
#9  0x00007f266833e9b0 in ?? ()
#10 0x00007f266833e920 in ?? ()
#11 0x0000000000000000 in ?? ()

Thread 3 (Thread 0x7f264b355700 (LWP 21255)):
#0  sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
#1  0x000000000062f74b in mono_sem_timedwait (sem=sem@entry=0x982148 <async_tp+40>, timeout_ms=timeout_ms@entry=2000, alertable=alertable@entry=1) at mono-semaphore.c:82
#2  0x0000000000594002 in async_invoke_thread (data=0x0, data@entry=0x982120 <async_tp>) at threadpool.c:1565
#3  0x000000000058e34b in start_wrapper_internal (data=0x7f2650004ba0) at threads.c:643
#4  start_wrapper (data=0x7f2650004ba0) at threads.c:688
#5  0x000000000062410d in thread_start_routine (args=args@entry=0x12e0740) at wthreads.c:294
#6  0x0000000000633ef5 in inner_start_thread (arg=0x7f2650026160) at mono-threads-posix.c:49
#7  0x00007f266c775182 in start_thread (arg=0x7f264b355700) at pthread_create.c:312
#8  0x00007f266c4a1efd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 2 (Thread 0x7f2668752700 (LWP 21262)):
#0  sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
#1  0x000000000062f74b in mono_sem_timedwait (sem=sem@entry=0x982148 <async_tp+40>, timeout_ms=timeout_ms@entry=2000, alertable=alertable@entry=1) at mono-semaphore.c:82
#2  0x0000000000594002 in async_invoke_thread (data=0x0, data@entry=0x982120 <async_tp>) at threadpool.c:1565
#3  0x000000000058e34b in start_wrapper_internal (data=0x7f2650004ba0) at threads.c:643
#4  start_wrapper (data=0x7f2650004ba0) at threads.c:688
#5  0x000000000062410d in thread_start_routine (args=args@entry=0x12de5a8) at wthreads.c:294
#6  0x0000000000633ef5 in inner_start_thread (arg=0x7f2650025f10) at mono-threads-posix.c:49
#7  0x00007f266c775182 in start_thread (arg=0x7f2668752700) at pthread_create.c:312
#8  0x00007f266c4a1efd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 1 (Thread 0x7f266d2b07c0 (LWP 21228)):
#0  0x00007f266c77c3bd in read () at ../sysdeps/unix/syscall-template.S:81
#1  0x000000000060eb30 in read (__nbytes=1024, __buf=0x7f266bf14450, __fd=0) at /usr/include/x86_64-linux-gnu/bits/unistd.h:44
#2  console_read (handle=<optimized out>, buffer=0x7f266bf14450, numbytes=<optimized out>, bytesread=0x7fff2d040cec, overlapped=<optimized out>) at io.c:1079
#3  0x0000000000607952 in ves_icall_System_IO_MonoIO_Read (handle=0x0, dest=0x7f266bf14430, dest_offset=<optimized out>, count=1024, error=0x7fff2d040d80) at file-io.c:833
#4  0x0000000041429395 in ?? ()
#5  0x0000000001357300 in ?? ()
#6  0x0000000000000000 in ?? ()

=================================================================
Got a SIGSEGV while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries
used by your application.
=================================================================
Comment 2 Zoltan Varga 2015-01-02 18:47:44 UTC
Please try with a recent mono version (at least 3.10).
Comment 3 Ludovic Henry 2017-07-12 23:08:30 UTC
Can you still reproduce with latest version of mono? If you can, please reopen and provide a complete repro case. Thank you