libpng/zlib segmentation fault when writing PNG files

Bug #90198 reported by Spotworks LLC
Affects: libpng (Ubuntu)
Status: Invalid
Importance: Medium
Assigned to: Unassigned

Bug Description

Binary package hint: gnome-utils

On my system, a fully updated Edgy Eft, 2.6.17-11-generic kernel on an Asus M2N-SLI with AMD X2 4600+ 65W processor, 2GB RAM, I intermittently get segmentation faults when taking screenshots (gnome-screenshot, from command-line or from print screen button.) The contents of the Bug Buddy window are as follows:

Memory status: size: 64118784 vsize: 0 resident: 64118784 share: 0 rss: 16994304 rss_rlim: 0
CPU usage: start_time: 1173207500 rtime: 0 utime: 48 stime: 0 cutime:48 cstime: 0 timeout: 0 it_real_value: 0 frequency: 0

Backtrace was generated from '/usr/bin/gnome-panel-screenshot'

Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread -1224976720 (LWP 6039)]
0xffffe410 in __kernel_vsyscall ()
#0 0xffffe410 in __kernel_vsyscall ()
#1 0xb749e34b in __waitpid_nocancel () from /lib/tls/i686/cmov/libpthread.so.0
#2 0xb7f5b1b6 in gnome_gtk_module_info_get () from /usr/lib/libgnomeui-2.so.0
#3 <signal handler called>
#4 0xb73cc37c in memcpy () from /lib/tls/i686/cmov/libc.so.6
#5 0xb7291e8d in deflateCopy () from /usr/lib/libz.so.1
#6 0xb7292a44 in deflateInit_ () from /usr/lib/libz.so.1
#7 0xb7292f10 in deflate () from /usr/lib/libz.so.1
#8 0xb714d101 in png_write_chunk () from /usr/lib/libpng12.so.0
#9 0xb714d64b in png_write_chunk () from /usr/lib/libpng12.so.0
#10 0xb7151774 in png_write_row () from /usr/lib/libpng12.so.0
#11 0xb7151937 in png_write_rows () from /usr/lib/libpng12.so.0
#12 0xb68a2a79 in fill_info ()
   from /usr/lib/gtk-2.0/2.10.0/loaders/libpixbufloader-png.so
#13 0x082b45e8 in ?? ()
#14 0xbf938ef0 in ?? ()
#15 0x00000001 in ?? ()
#16 0x00000400 in ?? ()
#17 0x00000008 in ?? ()
#18 0x00000006 in ?? ()
#19 0x00000000 in ?? ()

This happens about 3 of every 5-10 calls to gnome-screenshot. Additionally, I regularly have problems writing PNG files from *any* application. Segmentation faults that result from the other applications are at exactly the same place as the one listed above.

I've performed memtest86+ for three cycles with no errors detected.

I have tested this with a Live Edgy CD with the same results. I have also tested this with Feisty Herd 5 with the same results. (Update: I just tested the Live Dapper LTS CD, and I have not gotten a segmentation fault in approximately 100 screenshots.) I will be happy to provide any further information as required - this is a big show-stopper for me.

description: updated
Daniel Holbach (dholbach) wrote :

Thanks for your bug report. Can you get a debug backtrace with gnome-utils-dbgsym libgtk2.0-0-dbgsym libglib2.0-0-dbgsym from http://wiki.ubuntu.com/DebuggingProgramCrash installed and get another backtrace?

Changed in gnome-utils:
assignee: nobody → desktop-bugs
importance: Undecided → Medium
status: Unconfirmed → Needs Info
Sebastien Bacher (seb128) wrote :

Could you get the backtrace with zlib1g-dbgsym installed?

Spotworks LLC (spotworks) wrote :

I will later today. In order to attempt to correct the problem, I wiped my system and installed Dapper, but I have the feeling that there will be too many hardware compatibility issues for me to continue using it. Edgy will go back on to help debug the problem at that point.

Spotworks LLC (spotworks) wrote :

OK, so I followed the instructions on the DebuggingProgramCrash page to get a backtrace, and had some difficulties, since the Bug Buddy kept popping up and interfering. I seem to have found TWO issues instead of one, as the gdb logs will indicate.

The first time, I ran gnome-screenshot without the --disable-crash-dialog flag, and found it very difficult to reproduce the error. I ran into two issues. The first is that intermittently, I would get messages in gdb that said there was an unexpected async reply:

(gdb) run
Starting program: /usr/bin/gnome-screenshot
[Thread debugging using libthread_db enabled]
[New Thread -1224685904 (LWP 5669)]
[New Thread -1235620960 (LWP 5672)]
[New Thread -1244013664 (LWP 5673)]
Xlib: unexpected async reply (sequence 0x601)!
[New Thread -1263416416 (LWP 5675)]
[Thread -1244013664 (LWP 5673) exited]
[Thread -1235620960 (LWP 5672) exited]

Program exited normally.

When this happens, I am unable to close the gnome-screenshot dialog, and I am forced to kill the process manually before the window goes away.

Now, I did get the segfault crash eventually, but the bug buddy popped up and I was unable to get a backtrace in gdb. Here's what the bug buddy had in the window:

Memory status: size: 57683968 vsize: 0 resident: 57683968 share: 0 rss: 11218944 rss_rlim: 0
CPU usage: start_time: 1173286442 rtime: 0 utime: 20 stime: 0 cutime:20 cstime: 0 timeout: 0 it_real_value: 0 frequency: 0

Backtrace was generated from '/usr/bin/gnome-panel-screenshot'

Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread -1225202000 (LWP 5214)]
0xffffe410 in __kernel_vsyscall ()
#0 0xffffe410 in __kernel_vsyscall ()
#1 0xb746734b in __waitpid_nocancel () from /lib/tls/i686/cmov/libpthread.so.0
#2 0xb7f241b6 in gnome_gtk_module_info_get () from /usr/lib/libgnomeui-2.so.0
#3 <signal handler called>
#4 0xb739537c in memcpy () from /lib/tls/i686/cmov/libc.so.6
#5 0xb725ae8d in ?? () from /usr/lib/libz.so.1
#6 0x08210178 in ?? ()
#7 0x0824bbe9 in ?? ()
#8 0x000001c0 in ?? ()
#9 0x00000014 in ?? ()
#10 0x00000105 in ?? ()
#11 0x08208178 in ?? ()
#12 0x00008000 in ?? ()
#13 0x00008000 in ?? ()
#14 0x00010000 in ?? ()
#15 0x00007efb in ?? ()
#16 0x000001c0 in ?? ()
#17 0xb7269a10 in ?? () from /usr/lib/libz.so.1
#18 0x0000fefa in ?? ()
#19 0x00000000 in ?? ()

Spotworks LLC (spotworks) wrote :

I just got the same error on Dapper using the k7 kernel (2.6.15-28-k7). I have been unable to get this error using the 386 kernel, however. Is this a threading problem with the png or zlib libraries and this platform?

Spotworks LLC (spotworks) wrote :

Sorry, I should have noted that this is the SMP version of the kernel, instead of just the k7 version. I have not tried the vanilla k7 version (there are enough entries right now in my grub menu, thank you very much), but I will if it's required.

I'm about at my wit's end here, as there's no one else anywhere that has had this problem, if my Googling skills are as sharp as I think.

Spotworks LLC (spotworks) wrote :

More details...

I installed Edgy 64-bit on a partition, and it does not exhibit this bug. Unfortunately, MATLAB does not get along at all with Edgy x64 (can't even install it properly) so I can't use it for this machine (my employer's box).

I am going on vacation for a few days, but when I return, I have to get this machine in working order for my job. Unfortunately, the only real solution for me at this point, given all of the problems I've had so far, is to use Win XP (/me feels dirty even saying that.)

Sebastien Bacher (seb128) wrote :

The crash looks like a libpng bug, reassigning. You want to change your OS only because one screenshot program doesn't work? You can do screenshots using GIMP as a workaround.

Changed in gnome-utils:
assignee: desktop-bugs → nobody
status: Needs Info → Unconfirmed
Spotworks LLC (spotworks) wrote :

Maybe I wasn't clear above. ALL png-writing software is affected by this bug. While I might be able to get by using JPG for screenshots (ugly ones) I also do fractal artwork renders with PNG output. To wait 15-20 hours for a render to complete only to have it fail writing the PNG in the last step is a very frustrating prospect (that I unfortunately am very familiar with now.)

I feel that I have to change my OS because this is an intermittent (read: hard to prove exists) bug in an oft-used library for a very specific processor/motherboard combination, and since I have run across no one who has had issues like this so far, I find it unlikely that in my uniqueness I will effect change. If there IS a problem in libpng, then great, I helped out. But in the meantime, I still have to make the machine work for all of its intended purposes, and so far I can't make any flavor of Ubuntu cooperate with all of my needs. Hopefully this bug can be resolved in short order, because I hate to leave my Beryl desktop behind.

Spotworks LLC (spotworks) wrote :

Should this potentially be reassigned as a kernel bug?

Sebastien Bacher (seb128) wrote :

Not likely a Linux bug.

Spotworks LLC (spotworks) wrote :

Swapped out all hardware except CPU, still had problem. Replaced CPU, problem solved - must have been a bad CPU. Recommend deletion of this bug report.

Changed in libpng:
status: Unconfirmed → Rejected
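
A triage check suited to the pattern in this report (the same crash site in zlib's deflate path from every PNG writer, clean memtest86+, resolved by replacing the CPU), given here as an added example that is not code from the reporter, libpng or zlib. It compresses one fixed, constructed buffer repeatedly in forked children through Python's zlib binding and tallies digests and fatal signals; all function names are hypothetical.

```python
import hashlib
import os
import zlib

def sample_rows(width=640, height=200):
    """Constructed input: PNG-style scanlines (filter byte 0 + RGB gradient)."""
    return b"".join(
        b"\x00" + bytes((x * 3 + y) & 0xFF for x in range(width * 3))
        for y in range(height))

def deflate_digest(data):
    """Deflate the buffer, verify the round trip, hash the compressed stream."""
    packed = zlib.compress(data, 6)
    if zlib.decompress(packed) != data:
        return "corrupt-roundtrip"
    return hashlib.sha256(packed).hexdigest()

def trial_in_child(data):
    """Run one compression in a forked child so a SIGSEGV is recorded, not fatal."""
    rfd, wfd = os.pipe()
    pid = os.fork()
    if pid == 0:  # child: report the digest through the pipe, then exit
        try:
            os.close(rfd)
            os.write(wfd, deflate_digest(data).encode())
        finally:
            os._exit(0)
    os.close(wfd)
    with os.fdopen(rfd, "rb") as pipe:
        out = pipe.read().decode()
    _, status = os.waitpid(pid, 0)
    if os.WIFSIGNALED(status):
        return "signal-%d" % os.WTERMSIG(status)
    return out or "no-output"

def survey(data, trials=50):
    """Tally outcomes; same input and same zlib build should give one digest."""
    tally = {}
    for _ in range(trials):
        key = trial_in_child(data)
        tally[key] = tally.get(key, 0) + 1
    return tally

def verdict(tally):
    """One 64-character hex digest means stable; anything else is suspect."""
    if len(tally) == 1 and len(next(iter(tally))) == 64:
        return "deterministic"
    return "unstable: " + ", ".join(sorted(tally))

if __name__ == "__main__":
    print(verdict(survey(sample_rows())))
```

Differing digests or intermittent signals for identical input point away from a deterministic library bug and toward the machine itself, which is where this report ended up.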
Sebastien Bacher (seb128) wrote :

Thank you for updating the bug.
