Bug 52467 - callback from native thread causes SIGSEGV
Summary: callback from native thread causes SIGSEGV
Alias: None
Product: Runtime
Classification: Mono
Component: Interop
Version: 4.6.0 (C8)
Hardware: PC Mac OS
: --- normal
Target Milestone: ---
Assignee: Bugzilla
Reported: 2017-02-13 09:35 UTC by Mikalai
Modified: 2017-09-06 13:58 UTC

sample c# & native code (1.68 MB, application/zip)
2017-02-13 09:35 UTC, Mikalai
sample for ios (28.30 KB, application/zip)
2017-06-13 08:38 UTC, Mikalai

Description Mikalai 2017-02-13 09:35:38 UTC
Created attachment 19797
sample c# & native code

Issue also present in Alpha channel with
Runtime: Mono 4.8.0 (mono-4.8.0-branch/ba7f169) (64-bit)
Xamarin.Android: (Xamarin Studio Community)

Short version:
Calling managed callback from native thread with ref struct parameter > 64 bytes causes SIGSEGV. Calling this from managed thread (via interop) or reducing struct size solves the issue.

Comment 1 Rodrigo Kumpera 2017-02-13 21:47:50 UTC
This looks like a bug in your code.

When marshaling delegates to native code, it's the user's responsibility to keep their lifetime in sync.

You're not doing it. When you call OpenHandle, the native side stores it but managed does nothing about it.

Could you verify if keeping the managed delegate alive for the duration of your test fixes the issue?

To do so, you can use a static variable or a gc handle, whatever works best.

Furthermore, can you attach the crash output of your test?
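
The delegate-lifetime pattern described in Comment 1, as an added example (not code from the attached sample or from Mono). `Payload`, `ReadCallback`, `CallbackHolder` and `OnRead` are hypothetical names, and the native caller is simulated in-process by invoking the raw function pointer.

```csharp
using System;
using System.Runtime.InteropServices;

// Constructed 72-byte struct standing in for the report's "> 64 bytes" ref parameter.
[StructLayout(LayoutKind.Sequential)]
struct Payload { public long A, B, C, D, E, F, G, H, I; }

[UnmanagedFunctionPointer(CallingConvention.Cdecl)]
delegate void ReadCallback(ref Payload data);

static class CallbackHolder   // hypothetical helper
{
    // The GCHandle roots the delegate until Free(); a static field holding
    // the delegate itself would root it for the life of the process instead.
    static GCHandle s_handle;

    public static IntPtr Register(ReadCallback cb)
    {
        if (s_handle.IsAllocated) throw new InvalidOperationException("already registered");
        s_handle = GCHandle.Alloc(cb);
        // Native code only ever holds this raw pointer, which the GC cannot see.
        return Marshal.GetFunctionPointerForDelegate(cb);
    }

    // Call only after the native side has stopped using the pointer.
    public static void Unregister()
    {
        if (s_handle.IsAllocated) s_handle.Free();
    }
}

static class Program
{
    static void OnRead(ref Payload p) { p.I = p.A + 1; }

    static void Main()
    {
        IntPtr fn = CallbackHolder.Register(OnRead);
        GC.Collect();                       // delegate survives: the handle roots it
        GC.WaitForPendingFinalizers();

        // Stand-in for the native caller: invoke through the raw pointer.
        var call = Marshal.GetDelegateForFunctionPointer<ReadCallback>(fn);
        var p = new Payload { A = 41 };
        call(ref p);
        Console.WriteLine(p.I == 42 ? "callback ran" : "unexpected result");
        CallbackHolder.Unregister();
    }
}
```
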

Comment 2 Mikalai 2017-02-14 06:59:08 UTC
1) Please note that we're able to reproduce this only on Android (ARM, not x86). Initial bug report had android as 'component' field.

2) Saving delegate to static variable or GC handle does not help. What actually does help is indicated in comments in Sample.cs.

3) Crash log:

I/mono-stdout(29806): >>> open handle
I/mono-stdout(29806): >>> call
I/mono-stdout(29806): >>> done
I/jni-bug (29806): Executing cb from native thread, handle 0xab21be18
I/jni-bug (29806): Calling read_cb 0xe497ef48
I/WindowState(  616): WIN DEATH: Window{cf95b0f u0 com.playtika.interop_sharp/md54fdce3dcd2d7390e13c366d38f9948e5.MainActivity}
I/ActivityManager(  616): Process com.playtika.interop_sharp (pid 29806) has died

Comment 3 Mikalai 2017-02-16 07:24:35 UTC
Can I help you with anything else?

Comment 4 Rodrigo Kumpera 2017-02-22 02:31:11 UTC
Yes, can you provide device logs of the crash?

Comment 5 Rodrigo Kumpera 2017-02-22 20:39:35 UTC
Hey Alex,

Can you try to repro this bug?

Comment 6 Egorbo 2017-02-22 20:42:37 UTC
I am able to repro, here is the full log: https://gist.githubusercontent.com/EgorBo/e8bbc51856e1db9ceb35a856fb7dfec7/raw/bb65c1d27c888b52ae9de86b668587e1b734f22d/Playtika%2520crash

Nexus 7
Windows, Visual Studio

Comment 7 Mikalai 2017-06-13 08:38:18 UTC
Created attachment 22848
sample for ios