Bug 25891

Summary: Custom marshaler broken in 8.6
Product: iOS
Reporter: Randall Schmidt <randall.schmidt>
Component: General
Assignee: Zoltan Varga <vargaz>
Status: VERIFIED FIXED
Severity: normal
CC: bugzilla.xamarin, joe.friedrichsen, mono-bugs+monotouch, ramc, sebastien
Priority: Normal
Version: XI 8.6.0
Target Milestone: 8.6.x (services rel)
Hardware: Macintosh
OS: Mac OS
Tags:
Is this bug a regression?: ---
Last known good build:
Attachments: Reproduction case

Description Randall Schmidt 2015-01-09 15:28:40 UTC
Created attachment 9309
Reproduction case

Upgrading to 8.6.0.50 beta from 8.4 stable has broken our bindings that use custom marshalers on real devices. The result is a crash. This does not occur in the simulator. Removing the MarshalAs attribute prevents the crash.

Attached is a reproduction case. It behaves differently in 8.4 vs 8.6.

In 8.6, the call to the binding crashes without printing anything. It looks like it doesn't even get as far as trying to get the marshaler instance. The Xcode debugger shows the following stack trace when it crashes:

#0	0x39572b94 in strlen ()
#1	0x0020dcf4 in mono_string_new at /Developer/MonoTouch/Source/monotouch/builds/target7/mono/metadata/../../../../../mono/mono/metadata/object.c:5111
#2	0x0020f814 in mono_string_new_wrapper at /Developer/MonoTouch/Source/monotouch/builds/target7/mono/metadata/../../../../../mono/mono/metadata/object.c:5157
#3	0x0015bb08 in wrapper_managed_to_native_object___icall_wrapper_mono_string_new_wrapper_intptr ()
#4	0x00072c84 in (wrapper managed-to-native) TestProj.AppDelegate:noop ()
#5	0x000723f0 in TestProj.AppDelegate:FinishedLaunching at /Users/randall/Projects/TestProj/TestProj/AppDelegate.cs:55
#6	0x0015b15c in wrapper_runtime_invoke_object_runtime_invoke_dynamic_intptr_intptr_intptr_intptr ()
#7	0x001c354e in mono_jit_runtime_invoke at /Developer/MonoTouch/Source/monotouch/builds/target7/mono/mini/../../../../../mono/mono/mini/mini.c:6724
#8	0x0020ac98 in mono_runtime_invoke at /Developer/MonoTouch/Source/monotouch/builds/target7/mono/metadata/../../../../../mono/mono/metadata/object.c:2842
#9	0x0018f5e4 in native_to_managed_trampoline_1 at /Users/randall/Projects/TestProj/TestProj/obj/iPhone/Debug/mtouch-cache/registrar.m:48
#10	0x0018fa10 in -[AppDelegate application:didFinishLaunchingWithOptions:] at /Users/randall/Projects/TestProj/TestProj/obj/iPhone/Debug/mtouch-cache/registrar.m:171
#11	0x2ea74f80 in <redacted> ()
#12	0x2ec69e84 in <redacted> ()
#13	0x2ec6c3b8 in <redacted> ()
#14	0x2ec76c68 in <redacted> ()
#15	0x2ec6ac5a in <redacted> ()
#16	0x31c850e0 in <redacted> ()
#17	0x2b55282c in __CFRUNLOOP_IS_CALLING_OUT_TO_A_BLOCK__ ()
#18	0x2b551af0 in __CFRunLoopDoBlocks ()
#19	0x2b55064a in __CFRunLoopRun ()
#20	0x2b49ddb0 in CFRunLoopRunSpecific ()
#21	0x2b49dbc2 in CFRunLoopRunInMode ()
#22	0x2ea6ec36 in <redacted> ()
#23	0x2ea69a30 in UIApplicationMain ()
#24	0x000a9a84 in (wrapper managed-to-native) UIKit.UIApplication:UIApplicationMain ()
#25	0x0008cf10 in UIKit.UIApplication:Main at /Developer/MonoTouch/Source/monotouch/src/UIKit/UIApplication.cs:122
#26	0x0008cf10 in UIKit.UIApplication:Main at /Developer/MonoTouch/Source/monotouch/src/UIKit/UIApplication.cs:122
#27	0x0008ced0 in UIKit.UIApplication:Main at /Developer/MonoTouch/Source/monotouch/src/UIKit/UIApplication.cs:88
#28	0x000720cc in TestProj.Application:Main at /Users/randall/Projects/TestProj/TestProj/Main.cs:42
#29	0x0015b15c in wrapper_runtime_invoke_object_runtime_invoke_dynamic_intptr_intptr_intptr_intptr ()
#30	0x001c354e in mono_jit_runtime_invoke at /Developer/MonoTouch/Source/monotouch/builds/target7/mono/mini/../../../../../mono/mono/mini/mini.c:6724
#31	0x0020ac98 in mono_runtime_invoke at /Developer/MonoTouch/Source/monotouch/builds/target7/mono/metadata/../../../../../mono/mono/metadata/object.c:2842
#32	0x0020e1aa in mono_runtime_exec_main at /Developer/MonoTouch/Source/monotouch/builds/target7/mono/metadata/../../../../../mono/mono/metadata/object.c:4099
#33	0x0020dfe8 in mono_runtime_run_main at /Developer/MonoTouch/Source/monotouch/builds/target7/mono/metadata/../../../../../mono/mono/metadata/object.c:3725
#34	0x001ad4f0 in mono_jit_exec at /Developer/MonoTouch/Source/monotouch/builds/target7/mono/mini/../../../../../mono/mono/mini/driver.g.c:1008
#35	0x00270670 in xamarin_main at /Developer/MonoTouch/Source/monotouch/libmonotouch/monotouch-main.m:400
#36	0x00190098 in main at /Users/randall/Projects/TestProj/TestProj/obj/iPhone/Debug/mtouch-cache/main.armv7.m:38
#37	0x39556aae in start ()

In 8.4, the call to the binding does not crash, and it prints:
(GetInstance) I'm not called in 8.6...
(Constructor) I'm not called 8.6...
(MarshalManagedToNative) I'm not called 8.6...
(GetInstance) I'm not called in 8.6...
(CleanUpNativeData) I'm not called 8.6...

The native library being bound is just a noop function. The source is included in the project directory. The included .a file was compiled for armv7.

Comment 1 Sebastien Pouliot 2015-01-09 16:04:43 UTC
It does crash (with or without using the linker). It looks like something in mono itself, c.c. Zoltan

Symbolicated crash report: https://gist.github.com/spouliot/66ff82e55befcbdf106c

Comment 2 Zoltan Varga 2015-01-09 17:31:05 UTC
Fixed in mono master 92ca06aa7dc4073bdc52f45842a1fbc2fdfce7bf.

Comment 3 Sebastien Pouliot 2015-01-14 11:31:00 UTC
Candidate for the 8.6.1 service release. I'll close it when backported.

Comment 4 Sebastien Pouliot 2015-01-14 16:51:28 UTC
monotouch/monotouch-8.6.0-branch bumped mono in 8cb292f7db16ea566f5196d77e4ba89125a24bee to include this fix.

Comment 5 Ram Chandra 2015-01-19 05:36:31 UTC
I have checked this issue and I am able to reproduce this behavior with X.iOS: 8.6.0.51.

To verify this issue, I have checked it with the following builds:
Mac OS X 10.10.0
Xamarin Studio: 5.7 (build 661)
Installation UUID: 3d25a767-a003-4a7d-9f5e-e57987cf6cf0
Mono 3.12.0 ((detached/a813491)
GTK+ 2.24.23 (Raleigh theme)
Package version: 312000068
Xcode 6.1 (6602)
Build 6A1052c
Xamarin.iOS: 8.6.1.9 (Enterprise Edition)
Hash: d8e6436
Branch: 
Build date: 2015-01-18 17:38:20-0500

Observation: When I deployed the attached sample on a device (iPhone 6), I observed that I am not getting any error or exception. The application is deployed successfully. Here is the application output:

>(GetInstance) I'm not called in 8.6...
>(Constructor) I'm not called 8.6...
>(MarshalManagedToNative) I'm not called 8.6...
>(GetInstance) I'm not called in 8.6...
>(CleanUpNativeData) I'm not called 8.6...
 
Screencast: http://www.screencast.com/t/245D4PqxWK

This issue has been fixed. Hence I am closing this issue.

Comment 6 Randall Schmidt 2015-01-19 12:12:58 UTC
Any idea of a time frame for this fix to be released? In the next few months?