Half of those I've already fixed and I thought I pushed it but I guess I didn't? Will check again later.

Why is the stride even needed ? Only for future usage ? The macOS code supports only bytePerPixel = 4 because of the data reordering:

Windows also uses GUID_WICPixelFormat32bppRGBA

All right, I actually pushed the fixes this time. Try again. I know there are some things you said that I didn't cover in those fixes, so I'm not sure which still need to be merged in.

Stride is a standard parameter when storing image data in memory, because it's sometimes faster to have extra columns on the right side that are ignored when actually drawing the image, depending on the hardware.

I updated the PR.

Remaining problems:

Running the tester on macOS, I get this when closing the window:

2018-07-22 00:18:36.802 test[72161:1300621] get 0x0
main window 0x6120000346d0
size
in onClosing()
after uiMain()
ASAN:DEADLYSIGNAL
=================================================================
==72161==ERROR: AddressSanitizer: SEGV on unknown address 0x7fff3e000168 (pc 0x7fff7d488174 bp 0x7ffee6555e40 sp 0x7ffee6555e40 T0)
==72161==The signal is caused by a READ memory access.
    #0 0x7fff7d488173 in objc_release (libobjc.A.dylib:x86_64+0x9173)
    #1 0x7fff7d489041 in (anonymous namespace)::AutoreleasePoolPage::pop(void*) (libobjc.A.dylib:x86_64+0xa041)
    #2 0x7fff5618d895 in _CFAutoreleasePoolPop (CoreFoundation:x86_64+0x42895)
    #3 0x7fff582e3b55 in -[NSAutoreleasePool release] (Foundation:x86_64+0x20b55)
    #4 0x109916e33 in uiUninit main.m:144
    #5 0x1096bd58b in main main.c:178
    #6 0x7fff7e0aa014 in start (libdyld.dylib:x86_64+0x1014)

==72161==Register values:
rax = 0x00007fff3e000148  rbx = 0x00006250002b8010  rcx = 0x00006250002b8ca0  rdx = 0x0000000000000204
rdi = 0x00006080000ccda0  rsi = 0x00000001097800e0  rbp = 0x00007ffee6555e40  rsp = 0x00007ffee6555e40
 r8 = 0x000060400016c580   r9 = 0x0000000000000000  r10 = 0xffffffffffffffff  r11 = 0x00000fffffffffff
r12 = 0xa3a3a3a3a3a3a3a3  r13 = 0x0000000000000000  r14 = 0x0000625000006038  r15 = 0x0000625000006000
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (libobjc.A.dylib:x86_64+0x9173) in objc_release
==72161==ABORTING
Abort trap: 6

It doesn't happen with this line commented out:

On Linux, this line

If we want to be cross-platform, stride should always be "row size of the input data", in bytes.

But maybe I'm wrong - as this function is not optimized for speed anyway, copying bytes one-by-one is slow - so different input and internal stride is ok.

For realtime there should be different function - returning pointer to internal framebuffer, on what game engine will draw directly.

If we want to be cross-platform, stride should always be "row size of the input data", in bytes.

It is (the pixelStride parameter).

But maybe I'm wrong - as this function is not optimized for speed anyway, copying bytes one-by-one is slow - so different input and internal stride is ok.
For realtime there should be different function - returning pointer to internal framebuffer, on what game engine will draw directly.

From #2 (comment):

I've now started a slightly different image API based on the fact UI elements that need to render in high-DPI systems use separate image file assets. Right now, this is going to be used in uiTable for image cell parts (don't worry about what this means just yet; just know that multiple parts of different types can make one cell). Not sure if a uiImageView will be provided in alpha 4 or not.

So this is really an uiIcon rather than uiImage.

I've already forgotten what the precise definition of stride is in libui. I'll have to go back and fix that, since it's part of the documentation.

The ASAN crash from: #402 (comment):

2018-07-29 17:37:40.481 test[15512:105095] get 0x0
main window 0x6120000346d0
in onClosing()
after uiMain()
ASAN:DEADLYSIGNAL
=================================================================
==15512==ERROR: AddressSanitizer: SEGV on unknown address 0x7fff020000c8 (pc 0x7fff6c0d3174 bp 0x7ffeeea0fe60 sp 0x7ffeeea0fe60 T0)
==15512==The signal is caused by a READ memory access.
    #0 0x7fff6c0d3173 in objc_release (libobjc.A.dylib:x86_64+0x9173)
    #1 0x7fff6c0d4041 in (anonymous namespace)::AutoreleasePoolPage::pop(void*) (libobjc.A.dylib:x86_64+0xa041)
    #2 0x7fff44dd8895 in _CFAutoreleasePoolPop (CoreFoundation:x86_64+0x42895)
    #3 0x7fff46f2eb55 in -[NSAutoreleasePool release] (Foundation:x86_64+0x20b55)
    #4 0x1012b7e33 in uiUninit main.m:144
    #5 0x10120394b in main main.c:178
    #6 0x7fff6ccf5014 in start (libdyld.dylib:x86_64+0x1014)

==15512==Register values:
rax = 0x00007fff020000a8  rbx = 0x0000625000143010  rcx = 0x0000625000143820  rdx = 0x00000000000001a6
rdi = 0x00006080000485a0  rsi = 0x00000001025510e0  rbp = 0x00007ffeeea0fe60  rsp = 0x00007ffeeea0fe60
 r8 = 0x0000604000069f80   r9 = 0x0000000000000000  r10 = 0xffffffffffffffff  r11 = 0x00000fffffffffff
r12 = 0xa3a3a3a3a3a3a3a3  r13 = 0x0000000000000000  r14 = 0x0000625000006038  r15 = 0x0000625000006000
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (libobjc.A.dylib:x86_64+0x9173) in objc_release
==15512==ABORTING
Abort trap: 6

happens only if at least one other page is included besides page 16.

I think it has something to do with these two release calls:

The ASAN doesn't trigger if one call is removed. Does bitmapImageRepByRetaggingWithColorSpace copy anything / is there memory that is freed twice?

What are the two calls that can be removed? What you are describing only makes sense if the line that is removed is [repsRGB release]; (which I think is a bug, depending on the docs of bitmapImageRepByRetaggingWithColorSpace:).

What you are describing only makes sense if the line that is removed is [repsRGB release];

Yes, that line. No change if the other one is removed.

(which I think is a bug, depending on the docs of bitmapImageRepByRetaggingWithColorSpace:).

The docs say:

If the original NSBitmapImageRep already uses that color space, it is returned as is.

So if it doesn't allocate anything new in that case, then it shouldn't do it in the other case either?

On here, it says:

• bitmapImageRepByRetaggingWithColorSpace:
  Changes the colorSpace tag of the receiver.

So: imageRep.colorSpace = ... ? But not really, because printing the color space of repCalibrated and repsRGB after the retagging call show different values - it has create a new instance?

Right, it's a double-free.

Okay, I fixed it in a more correct way than just removing that line. Does asan still complain?

Okay, I fixed it in a more correct way than just removing that line. Does asan still complain?

No 👍

In that case, what's left in this PR?

In that case, what's left in this PR?

That double-free was never part of this PR.
uiImageAppend allocated 4 times too much memory and didn't copy the data correctly.

I think that the same bug also still exists on Linux, this line

I made a decision

// uiImageAppend adds a representation to the uiImage.
// pixels should point to a byte array of non-premultiplied pixels
// stored in [R G B A] order (so ((uint8_t *) pixels)[0] is the R of the
// first pixel and [3] is the A of the first pixel). pixelWidth and
// pixelHeight is the size *in pixels* of the image, and pixelStride is
// the number *of bytes* per row of the pixels array. Therefore,
// pixels itself must be at least pixelStride * pixelHeight bytes long.

If libui doesn't follow this, we'll have to fix it. I'll do that before merging.

All right, this should be resolved now. Thanks again! What's left in this PR to merge in?

And I forget if I asked already, but: what cmake/make line are you using to build libui with the sanitizers? I'd like to know so I could do so too.

Is pixelStride needed at all as uiImageAppend parameter, if it is always pixelWidth * 4 ?

What's left in this PR to merge in?

The macOS uiImageAppend byte "swizzling" would only work for byteStride == pixelWidth * 4. Now that should be handled correctly.

what cmake/make line are you using to build libui with the sanitizers?

cd build && cmake .. -DADDRESS_SANITIZER=ON

Handled here:

All right, thanks. n and l can be changed back to y and x now; then I can merge this back in. (Also correction: the loop I wrote only works for byteStride being any multiple of 4, not just for pixelWidth * 4. Thanks again, and sorry for the slowness in this PR!)

@msink no, that's just what the minimum value of the pixel stride is. What the stride actually is is a question for the person supplying the image data. Perhaps some image decoding library like libpng sets a custom stride. It's a standard parameter when handling raw image data that every library provides either as an input, output, or both, and libui is no different; the point is that some image manipulations can be made faster if the pixels of each scanline are aligned in a way that seems unusual when thinking about the image as strictly a matrix of pixels.

n and l can be changed back to y and x now; then I can merge this back in.

Done.

the point is that some image manipulations can be made faster if the pixels of each scanline are aligned in a way that seems unusual when thinking about the image as strictly a matrix of pixels

I still not get - anyway internal stride will/can differ from input parameter of uiImageAppend.
And uiImageAppend supports only RGBA truecolor bitmaps - so why pixelStride needed for input?
If it ever will support something else - additional parameter will be needed.

But of course I do not insist on anything, just curious.

I still not get - anyway internal stride will/can differ from input parameter of uiImageAppend.
And uiImageAppend supports only RGBA truecolor bitmaps - so why pixelStride needed for input?
If it ever will support something else - additional parameter will be needed.

That's what I though at first as well.
The stride isn't for specifying the image color format. Suppose you can decode an image 10 times faster if it is a perfect square. I is your image and X are unused padding bytes.
You set pixelWidth to the number of Is and byteStride based on the number of actual image pixels (I) and padding data (X).

I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X
I I I I I I I I I I I I I I I X X X X X X

Suppose you can decode an image 10 times faster if it is a perfect square.

On specific hardware - maybe, so it is internal to libui.
But why cross-platform uiImageAppend needs it - I still not get...
Input bitmap is not used anyway - always copied to internal buffer, and input stride used only during copy.

Ideally there should be no copying — on Windows, there is none; we just give the image data directly to WIC! I'm only providing it because every other API I've seen that deals with raw image data provides it, including the low-level ones libui uses, or it explicitly specifies that the stride is always == pixelWidth * bytesPerPixel. I do see your point that libui doesn't seem to need the stride, and now you're starting to make me wonder if I should have something like that one cairo function. But I'll leave that as a TODO.

Anyway, thanks again! Is the address sanitizer cmake stuff another PR? I'll merge that in (with an explanation of why it needs -fno-omit-frame-pointer, a setting I didn't even know was NOT the default!).

Is the address sanitizer cmake stuff another PR? I'll merge that in (with an explanation of -fno-omit-frame-pointer, which I didn't even know was NOT the default!).

It's already in master (added in 92b860c)? It's just not not documented. The frame-pointer option basically turns off an optimization to create more useful stack traces.

Oh. I'm a forgetful dolt sometimes ^^;