pyobjus icon indicating copy to clipboard operation
pyobjus copied to clipboard
verified publisher icon kivy

Malloc/heap corruption when passing a NSRect value from python to ObjectiveC

Open mtctn opened this issue 3 years ago • 0 comments

Hello everyone,

I'm experiencing an issue with pyobjus in a Kivy project, from which I need to use the iOS content sharing API (UIKit framework), and I'm stuck because calls to this method from python causes a random malloc error.

I managed to isolate the issue, with the following minimum reproductible example:

Let's define a dummy class in ObjectiveC, with two dummy methods that take a single CGRect argument, and only logs the rect value. One method takes its argument as a pointer, and the other as a value:

@interface foo : NSObject
@end
@implementation foo
- (void)rect_pointer:(CGRect*) rect {
    NSLog(@"rect_ref: %@", NSStringFromCGRect(*rect));
}
- (void)rect_value:(CGRect) rect {
    NSLog(@"rect: %@", NSStringFromCGRect(rect));
}
@end

When I try to access these methods from python, I have no issue with the rect_pointer method, but rect_value produces a random malloc error.

Python code:

from pyobjus import autoclass, NSRect, NSPoint, NSSize

foo = autoclass("foo")
f = foo.alloc().init()

pos = NSPoint(0,0)
size = NSSize(100, 100)
rect = NSRect(pos, size)

# this works perfectly
for i in range(10):
    f.rect_pointer_(rect)

# this fails after a random number of iterations
for i in range(10):
    f.rect_value_(rect)

I'm executing it on iOS, either on a real device (iPad mini 6th generation) or a simulator.

0
2022-12-16 15:36:35.327586+0100 cgrect[12373:506332] rect_pointer: {{0, 0}, {100, 100}}
1
2022-12-16 15:36:35.327983+0100 cgrect[12373:506332] rect_pointer: {{0, 0}, {100, 100}}
2
2022-12-16 15:36:35.328324+0100 cgrect[12373:506332] rect_pointer: {{0, 0}, {100, 100}}
3
2022-12-16 15:36:35.328678+0100 cgrect[12373:506332] rect_pointer: {{0, 0}, {100, 100}}
4
2022-12-16 15:36:35.329004+0100 cgrect[12373:506332] rect_pointer: {{0, 0}, {100, 100}}
5
2022-12-16 15:36:35.329257+0100 cgrect[12373:506332] rect_pointer: {{0, 0}, {100, 100}}
6
2022-12-16 15:36:35.329572+0100 cgrect[12373:506332] rect_pointer: {{0, 0}, {100, 100}}
7
2022-12-16 15:36:35.329925+0100 cgrect[12373:506332] rect_pointer: {{0, 0}, {100, 100}}
8
2022-12-16 15:36:35.330556+0100 cgrect[12373:506332] rect_pointer: {{0, 0}, {100, 100}}
9
2022-12-16 15:36:35.330991+0100 cgrect[12373:506332] rect_pointer: {{0, 0}, {100, 100}}
0
2022-12-16 15:36:35.331851+0100 cgrect[12373:506332] rect_value: {{0, 0}, {0, 100}}
1
2022-12-16 15:36:35.332374+0100 cgrect[12373:506332] rect_value: {{0, 0}, {100, 100}}
2
cgrect(12373,0x102718580) malloc: Heap corruption detected, free list is damaged at 0x28031c5c0
*** Incorrect guard value: 4636737291354636288
cgrect(12373,0x102718580) malloc: *** set a breakpoint in malloc_error_break to debug
dyld4 config: DYLD_LIBRARY_PATH=/usr/lib/system/introspection DYLD_INSERT_LIBRARIES=/Developer/usr/lib/libBacktraceRecording.dylib:/Developer/usr/lib/libMainThreadChecker.dylib:/usr/lib/libMTLCapture.dylib:/Developer/Library/PrivateFrameworks/DTDDISupport.framework/libViewDebuggerSupport.dylib
cgrect(12373,0x102718580) malloc: Heap corruption detected, free list is damaged at 0x28031c5c0
*** Incorrect guard value: 4636737291354636288
(lldb)

mtctn avatar Dec 16 '22 14:12 mtctn