Crash upon CGImageDestinationFinalize

2020-08-10 09:34发布

问题:

My app allows users to edit photos using the Photos framework. I am seeing some crash reports, and it appears the crash occurs when generating the output image, but I am not sure where the problem lies. This crash is occurring on multiple hardware devices and multiple versions of iOS 9 including the latest 9.1. The last call my app makes is CGImageDestinationFinalize in order to create the edited image NSData. The crash reports show that calls continue in the CoreImage space before the crash occurs in what appears to be GLTextureManager.

Could this an out of memory issue? Do you see the issue? How can this be resolved?

Relevant code from PhotoEditor.swift, inside function fullImageOutput that's called from editSingleAsset which is running on a background queue with QOS_CLASS_UTILITY:

let outputPhoto = //the generated CIImage that is the edited photo to be saved to disk
let dataRef = CFDataCreateMutable(nil, 0)

if let destination = CGImageDestinationCreateWithData(dataRef, "public.jpeg", 1, nil) {
    struct ContextStruct {
        static var ciContext: CIContext? = nil
    }
    if ContextStruct.ciContext == nil {
        let eaglContext = EAGLContext(API: .OpenGLES2)
        ContextStruct.ciContext = CIContext(EAGLContext: eaglContext)
    }
    let cgImage = ContextStruct.ciContext!.createCGImage(outputPhoto, fromRect: outputPhoto.extent)

    CGImageDestinationAddImage(destination, cgImage, nil)

    if CGImageDestinationFinalize(destination) { //FIXME: CRASH
       //write to disk from dataRef etc
    }

}

Visualization of crash report:

Crash report details:

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000145201ac0
Triggered by Thread:  7

Thread 7 name:
Thread 7 Crashed:
0   libsystem_platform.dylib        0x0000000199e36220 _platform_memmove + 48 (memmove.s:220)
1   CoreImage                       0x0000000184e86e4c CI::GLTextureManager::texture_for_CGImage(CGImage*, CI::PixelFormat) + 372 (context-gles.cpp:910)
2   CoreImage                       0x0000000184e8a310 CI::GLContext::bind_textures(CI::SerialObjectPtrArray*, CI::Kernel*) + 240 (context-gles.cpp:3060)
3   CoreImage                       0x0000000184e899e0 CI::GLContext::render_apply_node(CI::Node const*, bool) + 160 (context-gles.cpp:2699)
4   CoreImage                       0x0000000184e897fc CI::GLContext::recursive_render(CI::Node*, bool) + 912 (context-gles.cpp:2379)
5   CoreImage                       0x0000000184e8a788 CI::GLContext::render(CI::Node*) + 180 (context-gles.cpp:2880)
6   CoreImage                       0x0000000184e9bfec CI::_get_bitmap(CI::Context*, CI::Image*, CGRect, CGColorSpace*, CI::Bitmap*) + 676 (render.cpp:2622)
7   CoreImage                       0x0000000184e9bc9c CI::image_get_bitmap(CI::Context*, CI::Image*, CGRect, CGColorSpace*, CI::Bitmap*, unsigned long) + 664 (render.cpp:2680)
8   CoreImage                       0x0000000184ea08e8 copyImageBlockSetOptsCallback(void*, CGImageProvider*, CGRect, CGSize, __CFDictionary const*) + 856 (imageProvider.h:143)
9   CoreGraphics                    0x0000000184af2198 CGImageProviderCopyImageBlockSet + 220 (CGImageProvider.c:500)
10  ImageIO                         0x0000000185baa41c GetBytesImageProvider + 484 (CGImagePixelDataProvider.c:382)
11  ImageIO                         0x0000000185c40440 _CGImagePluginWriteAppleJPEG + 2444 (imageAppleJPEG.c:2785)
12  ImageIO                         0x0000000185ba3020 CGImageDestinationFinalize + 724 (CGImageDestination.c:2119)
13  MyAppNameHere                   0x0000000100096468 _TFC11 MyAppNameHere 12PhotoEditor15fullImageOutputfS0_FT_GSqCSo22PHContentEditingOutput_ + 1272 (PhotoEditor.swift:71)
14  MyAppNameHere                   0x0000000100113310 _TFFFFFC11 MyAppNameHere 36PhotosPickerCollectionViewController16editSingleAssetFS0_FCSo7PHAssetT_U_FT_T_U0_FTGSqCSo21PHContentEditingInput_GVSs10DictionaryCSo8NSObjectPSs9AnyObject___T_U_FT_T_U_FT_T_ + 172 (PhotosPickerCollectionViewController.swift:851)
15  libdispatch.dylib               0x0000000199c296e8 _dispatch_call_block_and_release + 24 (init.c:761)
16  libdispatch.dylib               0x0000000199c296a8 _dispatch_client_callout + 16 (object.m:513)
17  libdispatch.dylib               0x0000000199c37b40 _dispatch_root_queue_drain + 2140 (inline_internal.h:1063)
18  libdispatch.dylib               0x0000000199c372dc _dispatch_worker_thread3 + 112 (queue.c:4250)
19  libsystem_pthread.dylib         0x0000000199e3d470 _pthread_wqthread + 1092 (pthread.c:1990)
20  libsystem_pthread.dylib         0x0000000199e3d020 start_wqthread + 4 (pthread_asm.s:191)

回答1:

This was a known issue in iOS 9 that has been resolved in iOS 10. There was nothing wrong with the source code.