Bug 325 - UITextField AutoCorrection causes crash
Summary: UITextField AutoCorrection causes crash
Alias: None
Product: iOS
Classification: Xamarin
Component: XI runtime
Version: 4.x
Hardware: Macintosh Mac OS
: --- normal
Target Milestone: Untriaged
Assignee: Sebastien Pouliot
Duplicates: 660 3538
Depends on:
Reported: 2011-08-18 17:08 UTC by Andrew Young
Modified: 2012-02-20 15:50 UTC

Description Andrew Young 2011-08-18 17:08:52 UTC
This seems related to http://bugzilla.xamarin.com/show_bug.cgi?id=215 but not the same.

I get this crash on the simulator when I'm typing in a field with autocorrection type turned on. Seems to work on the device though.

Native stacktrace:

	0   SaambaaiPhone                       0x000d3044 mono_handle_native_sigsegv + 343
	1   SaambaaiPhone                       0x0001129c mono_sigsegv_signal_handler + 322
	2   libsystem_c.dylib                   0x95ccb59b _sigtramp + 43
	3   ???                                 0xffffffff 0x0 + 4294967295
	4   CoreGraphics                        0x90d3680b CGDataProviderRetain + 22
	5   CoreFoundation                      0x9383e24a CFAllocatorCreate + 90
	6   ImageIO                             0x99b365fd CGImageReadCreateWithProvider + 169
	7   ImageIO                             0x99b364bd CGImageSourceCreateWithDataProvider + 220
	8   CoreGraphics                        0x01705ba4 CGImageCreateWithPNGDataProvider + 98
	9   WebCore                             0x0378c37d WKGraphicsCreateImageFromBundleWithName + 349
	10  WebCore                             0x03022eab _ZN7WebCore15GraphicsContext34drawLineForMisspellingOrBadGrammarERKNS_8IntPointEib + 75
	11  WebCore                             0x030e7e86 _ZN7WebCore13InlineTextBox28paintSpellingOrGrammarMarkerEPNS_15GraphicsContextEiiRKNS_14DocumentMarkerEPNS_11RenderStyleERKNS_4FontEb + 742
	12  WebCore                             0x030e8226 _ZN7WebCore13InlineTextBox20paintDocumentMarkersEPNS_15GraphicsContextEiiPNS_11RenderStyleERKNS_4FontEb + 438
	13  WebCore                             0x030e8d46 _ZN7WebCore13InlineTextBox5paintERNS_12RenderObject9PaintInfoEii + 2694
	14  WebCore                             0x030e43df _ZN7WebCore13InlineFlowBox5paintERNS_12RenderObject9PaintInfoEii + 463
	15  WebCore                             0x036017c5 _ZN7WebCore13RootInlineBox5paintERNS_12RenderObject9PaintInfoEii + 53
	16  WebCore                             0x03578b00 _ZNK7WebCore17RenderLineBoxList5paintEPNS_20RenderBoxModelObjectERNS_12RenderObject9PaintInfoEii + 1472
	17  WebCore                             0x03514321 _ZN7WebCore11RenderBlock13paintContentsERNS_12RenderObject9PaintInfoEii + 81
	18  WebCore                             0x0351479d _ZN7WebCore11RenderBlock11paintObjectERNS_12RenderObject9PaintInfoEii + 541
	19  WebCore                             0x03510721 _ZN7WebCore11RenderBlock5paintERNS_12RenderObject9PaintInfoEii + 289
	20  WebCore                             0x0351419a _ZN7WebCore11RenderBlock13paintChildrenERNS_12RenderObject9PaintInfoEii + 474
	21  WebCore                             0x0351479d _ZN7WebCore11RenderBlock11paintObjectERNS_12RenderObject9PaintInfoEii + 541
	22  WebCore                             0x03510721 _ZN7WebCore11RenderBlock5paintERNS_12RenderObject9PaintInfoEii + 289
	23  WebCore                             0x0351419a _ZN7WebCore11RenderBlock13paintChildrenERNS_12RenderObject9PaintInfoEii + 474
	24  WebCore                             0x0351479d _ZN7WebCore11RenderBlock11paintObjectERNS_12RenderObject9PaintInfoEii + 541
	25  WebCore                             0x03510721 _ZN7WebCore11RenderBlock5paintERNS_12RenderObject9PaintInfoEii + 289
	26  WebCore                             0x0351419a _ZN7WebCore11RenderBlock13paintChildrenERNS_12RenderObject9PaintInfoEii + 474
	27  WebCore                             0x0351479d _ZN7WebCore11RenderBlock11paintObjectERNS_12RenderObject9PaintInfoEii + 541
	28  WebCore                             0x03510721 _ZN7WebCore11RenderBlock5paintERNS_12RenderObject9PaintInfoEii + 289
	29  WebCore                             0x03568a8f _ZN7WebCore11RenderLayer10paintLayerEPS0_PNS_15GraphicsContextERKNS_7IntRectEjPNS_12RenderObjectEPN3WTF7HashMapIPNS_24OverlapTestRequestClientES4_NS9_7PtrHashISC_EENS9_10HashTraitsISC_EENSF_IS4_EEEEj + 1375
	30  WebCore                             0x03568c62 _ZN7WebCore11RenderLayer10paintLayerEPS0_PNS_15GraphicsContextERKNS_7IntRectEjPNS_12RenderObjectEPN3WTF7HashMapIPNS_24OverlapTestRequestClientES4_NS9_7PtrHashISC_EENS9_10HashTraitsISC_EENSF_IS4_EEEEj + 1842
	31  WebCore                             0x03569475 _ZN7WebCore11RenderLayer5paintEPNS_15GraphicsContextERKNS_7IntRectEjPNS_12RenderObjectE + 101
	32  WebCore                             0x02fef072 _ZN7WebCore9FrameView13paintContentsEPNS_15GraphicsContextERKNS_7IntRectE + 322
	33  WebKit                              0x029127f2 -[WebFrame(WebInternal) _drawRect:contentsOnly:] + 274
	34  WebKit                              0x029407a4 -[WebHTMLView drawSingleRect:] + 148
	35  WebKit                              0x02940888 -[WebHTMLView drawRect:] + 152
	36  WebCore                             0x0378e7b8 _ZL11_WKViewDrawP9CGContextP6WKView6CGRectb + 344
	37  WebCore                             0x0378e88f _ZL11_WKViewDrawP9CGContextP6WKView6CGRectb + 559
	38  WebCore                             0x0378e88f _ZL11_WKViewDrawP9CGContextP6WKView6CGRectb + 559
	39  WebCore                             0x0378e88f _ZL11_WKViewDrawP9CGContextP6WKView6CGRectb + 559
	40  WebCore                             0x0378e88f _ZL11_WKViewDrawP9CGContextP6WKView6CGRectb + 559
	41  WebCore                             0x0378ea30 WKViewDisplayRect + 80
	42  WebCore                             0x0378f971 WKWindowDrawRect + 49
	43  WebCore                             0x03730333 _ZN7WebCore9TileCache9drawLayerEP7CALayerP9CGContext + 611
	44  QuartzCore                          0x01394e47 _ZL16backing_callbackP9CGContextPv + 85
	45  QuartzCore                          0x012e21f7 CABackingStoreUpdate + 2246
	46  QuartzCore                          0x01394d24 -[CALayer _display] + 1085
	47  WebCore                             0x03732394 -[TileLayer display] + 84
	48  QuartzCore                          0x0138b27d CALayerDisplayIfNeeded + 231
	49  QuartzCore                          0x013300c3 _ZN2CA7Context18commit_transactionEPNS_11TransactionE + 325
	50  QuartzCore                          0x01331294 _ZN2CA11Transaction6commitEv + 292
	51  QuartzCore                          0x0133146d _ZN2CA11Transaction17observer_callbackEP19__CFRunLoopObservermPv + 99
	52  CoreFoundation                      0x0151489b __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 27
	53  CoreFoundation                      0x014a96e7 __CFRunLoopDoObservers + 295
	54  CoreFoundation                      0x014721d7 __CFRunLoopRun + 1575
	55  CoreFoundation                      0x01471840 CFRunLoopRunSpecific + 208
	56  CoreFoundation                      0x01471761 CFRunLoopRunInMode + 97
	57  GraphicsServices                    0x0259c1c4 GSEventRunModal + 217
	58  GraphicsServices                    0x0259c289 GSEventRun + 115
	59  UIKit                               0x00b14c93 UIApplicationMain + 1160
	60  ???                                 0x08fbf805 0x0 + 150730757
	61  ???                                 0x08fbf450 0x0 + 150729808
	62  ???                                 0x08fbf0c4 0x0 + 150728900
	63  ???                                 0x08fbef1c 0x0 + 150728476
	64  ???                                 0x08fbf06e 0x0 + 150728814
	65  SaambaaiPhone                       0x00011057 mono_jit_runtime_invoke + 1332
	66  SaambaaiPhone                       0x001efadd mono_runtime_invoke + 137
	67  SaambaaiPhone                       0x001f21c4 mono_runtime_exec_main + 669
	68  SaambaaiPhone                       0x001f15ae mono_runtime_run_main + 843
	69  SaambaaiPhone                       0x000a515a mono_jit_exec + 200
	70  SaambaaiPhone                       0x0000430f main + 3865
	71  SaambaaiPhone                       0x000025b9 _start + 208
	72  SaambaaiPhone                       0x000024e8 start + 40

Debug info from gdb:

dyld: could not load inserted library: /Users/Andrew/Library/Application Support/iPhone Simulator/4.3.2/Applications/CC01350F-A34A-41B7-A4B2-1AD5D8545A1F/Saambaa.iPhone.app/monotouch-fixes.dylib

Got a SIGSEGV while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries 
used by your application.
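
As an added example (not part of the original report and not Xamarin tooling), this sketch parses the native stack trace format shown above, skips the Mono signal-handler frames, and reports which frame was executing when SIGSEGV was delivered and which modules sit between it and `UIApplicationMain`. The function names and the choice of excerpted frames are this example's own.

```python
import re
from collections import namedtuple

Frame = namedtuple("Frame", "index module address symbol offset")
# Frame layout in the "Native stacktrace:" section: index, module, address, symbol + offset
FRAME_RE = re.compile(r"^\s*(\d+)\s+(\S+)\s+(0x[0-9a-fA-F]+)\s+(.+?)\s+\+\s+(\d+)\s*$")

# Excerpt of the trace above (frames 0-4, 6, 10, 59, 65), embedded so this runs offline.
SAMPLE = """\
    0   SaambaaiPhone     0x000d3044 mono_handle_native_sigsegv + 343
    1   SaambaaiPhone     0x0001129c mono_sigsegv_signal_handler + 322
    2   libsystem_c.dylib 0x95ccb59b _sigtramp + 43
    3   ???               0xffffffff 0x0 + 4294967295
    4   CoreGraphics      0x90d3680b CGDataProviderRetain + 22
    6   ImageIO           0x99b365fd CGImageReadCreateWithProvider + 169
    10  WebCore           0x03022eab _ZN7WebCore15GraphicsContext34drawLineForMisspellingOrBadGrammarERKNS_8IntPointEib + 75
    59  UIKit             0x00b14c93 UIApplicationMain + 1160
    65  SaambaaiPhone     0x00011057 mono_jit_runtime_invoke + 1332
"""

def parse_frames(text):
    # Lines that are not frames (section headers, gdb output) simply do not match.
    matches = (FRAME_RE.match(line) for line in text.splitlines())
    return [Frame(int(m[1]), m[2], int(m[3], 16), m[4], int(m[5])) for m in matches if m]

def faulting_frame(frames):
    # First symbolized frame below the signal trampoline: everything above it is
    # the runtime's crash handler, not the code that faulted.
    below = False
    for f in frames:
        if below and f.module != "???":
            return f
        if f.symbol == "_sigtramp":
            below = True
    return None  # no trampoline found: not a signal-handler trace

def modules_between(frames, start, end_symbol):
    # Distinct modules, in stack order, from the faulting frame up to end_symbol.
    seen = []
    for f in frames[frames.index(start):]:
        if f.module not in seen:
            seen.append(f.module)
        if f.symbol == end_symbol:
            break
    return seen

if __name__ == "__main__":
    frames = parse_frames(SAMPLE)
    fault = faulting_frame(frames)
    print("faulting frame:", fault.module, fault.symbol, "+", fault.offset)
    print("modules up to UIApplicationMain:", modules_between(frames, fault, "UIApplicationMain"))
```

On the excerpt, no application frame appears between the fault and `UIApplicationMain`; the application binary shows up only in the crash handler and in the runtime entry frames.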
Comment 1 Sebastien Pouliot 2011-08-18 21:08:31 UTC
You're right that it's totally unrelated. The "dyld: could not load inserted library" is printed by GDB as a warning - but it's not part of the crash. However the way it works (at least right now) makes it that people only notice it when they crash.

Could you provide us with a small, self-contained, test case to duplicate the issue?
Comment 2 Andrew Young 2011-08-19 01:19:26 UTC
I tried to self-contain the issue but no matter what I did I was not able to create the same crash in the sample project. I could send you the source of our project but it is a closed source project. Do you guys have a way of handling this?
Comment 3 Sebastien Pouliot 2011-08-19 08:53:26 UTC
Andrew, you should be able to attach code and comment 'privately' using bugzilla (it will be visible to all xamarin employees). 

Another option is to sign an NDA. For the latter, send an email to contact@xamarin.com and refer to this bug report.
Comment 4 Andrew Young 2011-08-19 14:18:19 UTC
I tried to attach a private attachment but I got an error in really large font saying "Sorry, but you are not allowed to (un)mark comments or attachments as private."
Comment 5 Sebastien Pouliot 2011-08-20 21:01:50 UTC
got the code
Comment 6 Sebastien Pouliot 2011-08-22 10:27:12 UTC
I could duplicate the crash.
Comment 7 Sebastien Pouliot 2011-08-22 18:33:17 UTC
Ok, that's a weird one. There does not seem to be a "direct" relation between the UITextField and the crash.

With a bit of googling I found the following:

which has an identical stacktrace, the same "autocorrect" trigger and suggesting a memory corruption - caused by images. That latter bit could explain why:

(a) it cannot be reproduced using a smaller test case (i.e. no images);

(b) it works on the device (where all images are re-compressed);
Comment 8 Andrew Young 2011-08-22 18:51:44 UTC
yep, that bug on SO definitely looks and acts the same as what i'm getting.

b. perhaps i can try running the simulator against the same re-compressed images used on the device to see if that could solve the issue. but then again, if it works on the device, that's pretty much the end goal for me anyway.
Comment 9 Sebastien Pouliot 2011-08-22 19:04:56 UTC
I did it a bit harder and removed all images (and commented code using them) then reset the simulator. Sadly I can't get past the Facebook authorization (maybe I'm just unlucky where I can on the screen), I do get a message from the app but clicking on "Dismiss" does not bring back the, image-less, UI.

Any luck on your side?
Comment 10 Andrew Young 2011-08-23 01:48:22 UTC
Replacing the images with the re-compressed images from an iPhone build did not work. Still crashes.
Comment 11 Sebastien Pouliot 2011-08-23 10:13:37 UTC
It's hard to be 100% sure that:

a) the stackoverflow comment is totally accurate. The issue is the same (so it's unrelated to MonoTouch itself*) and the "proposed" culprit does make sense with previous comments. However a smaller application has less chance to corrupt memory than a larger one (image related or not);

b) "re-compression" will solve the issue. E.g. the memory corruption could happen on the device, without crashing the app (or with a different crash).

I suggest you try removing as many images as possible (maybe not as many as I tried in comment #9, or at least in stages) to see if one (or some) of the image(s) are really the source of the problem.

* downgrading severity to normal
Comment 12 Miguel de Icaza [MSFT] 2011-08-23 10:33:12 UTC
The auto-correcting API is known to cause problems, we had a couple of bugs before along those lines, and various reports on the net on pure Objective-C code bases.

Removing "autocorrect" from Interface Builder fixes that.

This is only a bug in certain versions of iOS
Comment 13 Andrew Young 2011-08-26 19:57:55 UTC
So I tried replacing all of my images with an empty.png file and it still crashes the same way. Any other suggestions?
Comment 14 Miguel de Icaza [MSFT] 2011-08-26 20:20:29 UTC
Did you remove the auto-correct flag from your UITextField?
Comment 15 Andrew Young 2011-08-27 00:02:50 UTC
The autocorrect flag was what I reported in the original bug description as the offending line in my code. So yeah, setting it to false or No would cause the crash to not appear. But if this is a bug that doesn't originate from MT, then there isn't really much we can do about it right?

I was just following Sebastien's lead in trying to see if there was some kind of memory corruption in the images my project was using.
Comment 16 Sebastien Pouliot 2011-08-27 11:11:28 UTC
Right, not much we can do - it's pretty deep inside Apple's code :(

Something triggers this (since it does not always occur) and the stackoverflow answer was an interesting lead... but adding an #if !SIMULATOR (and adjusting your builds to define the symbol) is likely the only solution (not involving a lot of time for something out of your, and our, control).
Comment 17 Andrew Young 2011-08-29 14:29:19 UTC
Looks like an iOS SDK bug. I'm closing this issue.
Comment 18 Sebastien Pouliot 2011-09-07 07:42:39 UTC
*** Bug 660 has been marked as a duplicate of this bug. ***
Comment 19 Sebastien Pouliot 2012-02-20 15:50:52 UTC
*** Bug 3538 has been marked as a duplicate of this bug. ***