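Xcode 7 indicates a heap buffer overflow in NSBitmapImageRep - bitmapData

Time: 2015-09-20 09:32:39

Tags: xcode7 nsimage osx-elcapitan nsimagerep address-sanitizer

I ran into a problem I can't understand when running my application through the new Address Sanitizer feature in Xcode 7:

I am trying to initialize a medium-sized (588x375) texture from an NSImage like this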

NSImage *texture = [[NSBundle bundleForClass:self.class] imageForResource:@"ground_texture"];

NSBitmapImageRep *bitmap = (NSBitmapImageRep *)[texture bestRepresentationForDevice:@{
    NSDeviceColorSpaceName: NSCalibratedRGBColorSpace,
    NSDeviceBitsPerSample: @8,
    NSDeviceIsScreen: @"YES"
}];
unsigned char* imageRepBitmapData = bitmap.bitmapData;

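As soon as execution reaches the last line of the code sample, I get AsanDie complaining about a stack buffer overflow with this stack trace (running 10.11.1 beta):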

==5070==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61300061f8f4 at pc 0x0001000d1c34 bp 0x7fff5fbfbcd0 sp 0x7fff5fbfb488
READ of size 384 at 0x61300061f8f4 thread T0
==5070==WARNING: Can't read from symbolizer at fd 14
    #0 0x1000d1c33 in wrap_memmove (/Applications/Xcode-beta.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/7.0.0/lib/darwin/libclang_rt.asan_osx_dynamic.dylib+0x39c33)
    #1 0x7fff92e1c98c in -[_NSInlineData initWithBytes:length:] (/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation+0xc98c)
    #2 0x7fff92e1c4f6 in -[_NSPlaceholderData initWithBytes:length:copy:deallocator:] (/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation+0xc4f6)
    #3 0x7fff92e1c954 in -[NSData(NSData) initWithBytes:length:] (/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation+0xc954)
    #4 0x7fff92e28800 in +[NSData(NSData) dataWithBytes:length:] (/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation+0x18800)
    #5 0x7fff923733eb in -[NSBitmapImageRep _fromCGImage:performBlockUsingMutableData:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x2503eb)
    #6 0x7fff925d0094 in __79-[NSBitmapImageRep _withoutChangingBackingPerformBlockUsingBackingMutableData:]_block_invoke_2 (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x4ad094)
    #7 0x7fff922c2093 in __75-[NSBitmapImageRep _withoutChangingBackingPerformBlockUsingBackingCGImage:]_block_invoke (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x19f093)
    #8 0x7fff922c16f8 in -[NSBitmapImageRep _withoutChangingBackingPerformBlockUsingBackingCGImage:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x19e6f8)
    #9 0x7fff921a0e96 in __79-[NSBitmapImageRep _withoutChangingBackingPerformBlockUsingBackingMutableData:]_block_invoke (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7de96)
    #10 0x7fff921a0d9b in -[NSBitmapImageRep _withoutChangingBackingPerformBlockUsingBackingMutableData:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7dd9b)
    #11 0x7fff921a0d16 in __57-[NSBitmapImageRep _performBlockUsingBackingMutableData:]_block_invoke (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7dd16)
    #12 0x7fff921a0c8a in -[NSBitmapImageRep _performBlockUsingBackingMutableData:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7dc8a)
    #13 0x7fff921a0c17 in -[NSBitmapImageRep getBitmapDataPlanes:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7dc17)
    #14 0x7fff921a0b9e in -[NSBitmapImageRep bitmapData] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7db9e)

With this allocation hint:

0x6130005d59f4 is located 0 bytes to the right of 372-byte region [0x6130005d5880,0x6130005d59f4)
allocated by thread T0 here:
    #0 0x1000dabb0 in wrap_malloc (/Applications/Xcode-beta.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/7.0.0/lib/darwin/libclang_rt.asan_osx_dynamic.dylib+0x42bb0)
    #1 0x7fff92372c42 in -[NSBitmapImageRep _fromCGImage:performBlockUsingMutableData:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x24fc42)
    #2 0x7fff925d0094 in __79-[NSBitmapImageRep _withoutChangingBackingPerformBlockUsingBackingMutableData:]_block_invoke_2 (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x4ad094)
    #3 0x7fff922c2093 in __75-[NSBitmapImageRep _withoutChangingBackingPerformBlockUsingBackingCGImage:]_block_invoke (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x19f093)
    #4 0x7fff922c16f8 in -[NSBitmapImageRep _withoutChangingBackingPerformBlockUsingBackingCGImage:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x19e6f8)
    #5 0x7fff921a0e96 in __79-[NSBitmapImageRep _withoutChangingBackingPerformBlockUsingBackingMutableData:]_block_invoke (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7de96)
    #6 0x7fff921a0d9b in -[NSBitmapImageRep _withoutChangingBackingPerformBlockUsingBackingMutableData:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7dd9b)
    #7 0x7fff921a0d16 in __57-[NSBitmapImageRep _performBlockUsingBackingMutableData:]_block_invoke (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7dd16)
    #8 0x7fff921a0c8a in -[NSBitmapImageRep _performBlockUsingBackingMutableData:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7dc8a)
    #9 0x7fff921a0c17 in -[NSBitmapImageRep getBitmapDataPlanes:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7dc17)
    #10 0x7fff921a0b9e in -[NSBitmapImageRep bitmapData] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7db9e)
    #11 0x1026e788c in -[MyOpenGLRenderingThingie loadTexture:intoTexture:] (/Users/me/Library/Developer/Xcode/DerivedData/...)

So basically deep inside AppKit.

Any ideas what this might be...?

0 answers:

No answers
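
A triage aid for the report in the question, added here as an example and not part of the original post: it splits an AddressSanitizer heap report into its access and allocation traces, then checks how far the access must extend past the region and whether the allocating function is also on the accessing stack. The names `parse_report`, `is_runtime` and `triage` are hypothetical, and the sample input is a subset of the lines quoted above.

```python
import os
import re

# Lines copied from the report on this page, trimmed to the frames triage needs.
SAMPLE = """\
READ of size 384 at 0x61300061f8f4 thread T0
    #0 0x1000d1c33 in wrap_memmove (/Applications/Xcode-beta.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/7.0.0/lib/darwin/libclang_rt.asan_osx_dynamic.dylib+0x39c33)
    #5 0x7fff923733eb in -[NSBitmapImageRep _fromCGImage:performBlockUsingMutableData:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x2503eb)
0x6130005d59f4 is located 0 bytes to the right of 372-byte region [0x6130005d5880,0x6130005d59f4)
allocated by thread T0 here:
    #0 0x1000dabb0 in wrap_malloc (/Applications/Xcode-beta.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/7.0.0/lib/darwin/libclang_rt.asan_osx_dynamic.dylib+0x42bb0)
    #1 0x7fff92372c42 in -[NSBitmapImageRep _fromCGImage:performBlockUsingMutableData:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x24fc42)
    #11 0x1026e788c in -[MyOpenGLRenderingThingie loadTexture:intoTexture:] (/Users/me/Library/Developer/Xcode/DerivedData/...)
"""

FRAME = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (.+) \((.*?)(?:\+0x[0-9a-f]+)?\)$")
ACCESS = re.compile(r"^(READ|WRITE) of size (\d+) at ")
REGION = re.compile(r"(\d+)-byte region")

def parse_report(text):
    """Split an ASan heap report into the access trace and the allocation trace."""
    rep = {"kind": None, "size": 0, "region": 0, "access": [], "alloc": []}
    section = None
    for line in text.splitlines():
        if m := ACCESS.match(line):
            rep["kind"], rep["size"], section = m[1], int(m[2]), "access"
        elif m := REGION.search(line):
            rep["region"] = int(m[1])
        elif line.startswith("allocated by thread"):
            section = "alloc"
        elif section and (m := FRAME.match(line)):
            rep[section].append((m[2], m[3]))  # (symbol, module path)
    return rep

def is_runtime(module):
    return os.path.basename(module).startswith("libclang_rt.asan")

def triage(rep):
    """Summarise who allocated the region, who touched it, and where app code appears."""
    alloc_site = next(f for f in rep["alloc"] if not is_runtime(f[1]))
    accessors = [sym for sym, mod in rep["access"] if not is_runtime(mod)]
    app = [sym for sym, mod in rep["access"] + rep["alloc"]
           if not is_runtime(mod) and not mod.startswith("/System/")]
    return {
        "min_bytes_outside": max(rep["size"] - rep["region"], 0),
        "alloc_site": alloc_site[0],
        "alloc_site_on_access_stack": alloc_site[0] in accessors,
        "app_frames": app,
    }
```

A contiguous 384-byte read can overlap a 372-byte region in at most 372 bytes, which is why `min_bytes_outside` is a lower bound that holds whatever the start offset was.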