Image: PNGs beyond roughly 38000x38000 encode with CRC errors

A short analysis shows that it might be broken chunking, which is consistent with having more than 4GB of data here. Some digging has me convinced that the length field of the IDAT chunk is wrong¹. It's encoding only contains a 32-bit integer so an image that large must be split over multiple IDAT chunks. It seems that png instead wrongly wraps the length instead of splitting the image over chunks. I'm going to look deeper into the reasons for that.

Finally, is this something that can be fixed by a tool if only the encoded images are left? I have a couple 50000x50000 images with just over a 100 CPU hours in them, which I'd rather not re-generate.

Fixing is probably not only a CRC issue. But it could be possible to manually split the IDAT by adding new chunk boundaries at the correct places (although that willl require a specialized tool for that bug).

¹ According to this PngSuite CRC fix tool there are a number of invalid chunks here following the IDAT chunk. That's probably image data being interpreted as a chunk.

Sorry about this! Based on @HeroicKatora's assessment, I was able to patch together a hacky way of recovering the files. (My forked version of image-png doesn't validate the CRC and just keeps reading more and more data from the IDAT chunk until it runs off the end of the file)

Cargo.toml:

[package]
name = "img-test"
version = "0.0.0"

[dependencies]
image = { git="https://github.com/image-rs/image" }

[patch.crates-io]
png = { git = "https://github.com/fintelia/image-png", branch = "recovery-hack" }

src/main.rs:

extern crate image;

use image::{GenericImageView, DynamicImage, ImageDecoder, RgbImage};
use image::io::Reader as ImageReader;
use std::io::Read;
use std::fs::File;
use std::env;

fn main() {
    let size: usize = env::args().nth(1).expect("Pass image edge size as first argument").parse().unwrap();

    let mut buf = Vec::new();
    let file = File::open(format!("{0}x{0}.png", size)).unwrap();
    let decoder = image::png::PNGDecoder::new(file).unwrap();
    let mut reader = decoder.into_reader().unwrap();

    // Ignore any errors from the decoder and just get as much image data as we can
    let _ = reader.read_to_end(&mut buf);

    println!("{} bytes read", buf.len());

    buf.resize(size * size * 3, 0);
    let mut img = DynamicImage::ImageRgb8(RgbImage::from_raw(
        size as u32, size as u32, buf).unwrap());

    // At this point img contains the recovered data. Now just have to save it somehow.
    // GIMP was able to open these BMPs, and they contained plausible looking data so
    // that should be good enough.

    img.crop(0, 0, 19000, 19000).save(format!("{0}x{0}.0.bmp", size));
    img.crop(19000, 0, 19000, 19000).save(format!("{0}x{0}.1.bmp", size));
    img.crop(0, 19000, 19000, 19000).save(format!("{0}x{0}.2.bmp", size));
    img.crop(19000, 19000, 19000, 19000).save(format!("{0}x{0}.3.bmp", size));
}

Reopening until the recovery code has been confirmed to work.

@fintelia Does not look like a recovery to me. The second and third parts are completely black but should be filled with random data. I'm also not sure how the patch is supposed to circumvent the problem of incorrect chunk length's, due to which the chunking is completely broken.

Here's some script to fix this on the chunk level. The resulting png is suboptimal since many chunks may not have maximum possible size but it was fairly simple to write. Builds with Rust 1.34.2.

https://gist.github.com/HeroicKatora/8968caf2ad6620762194971f2d8bc762

Yep, @HeroicKatora's recovery works, thank you!