Bug 4677 - CTFrame or its CGPath being released prematurely
Summary: CTFrame or its CGPath being released prematurely
Status: RESOLVED FIXED
Alias: None
Product: iOS
Classification: Xamarin
Component: XI runtime ()
Version: 5.2
Hardware: Macintosh Mac OS
: --- normal
Target Milestone: Untriaged
Assignee: Bugzilla
URL:
Depends on:
Blocks:
 
Reported: 2012-04-26 17:51 UTC by Jeff Dlouhy
Modified: 2012-04-26 18:23 UTC (History)
3 users (show)

Tags:
Is this bug a regression?: ---
Last known good build:


Attachments
Sample application (1.32 MB, application/zip)
2012-04-26 17:51 UTC, Jeff Dlouhy
Details


Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.


Please create a new report on Developer Community or GitHub with your current version information, steps to reproduce, and relevant error messages or log files if you are hitting an issue that looks similar to this resolved bug and you do not yet see a matching new report.

Related Links:
Status:
RESOLVED FIXED

Description Jeff Dlouhy 2012-04-26 17:51:41 UTC
Created attachment 1756 [details]
Sample application

When trying to access a Core Text Frame's Path BoundingBox, it crashes because it has already been released.

In the sample app attached, it crashes at line 62 in 'CoreTextView.cs'

Steps to reproduce:
 1. Run app
 2. Touch text (once or twice)


MonoTouch: 5.2.11
Mono: 2.10.9


Stacktrace:

  at (wrapper managed-to-native) MonoTouch.CoreGraphics.CGPath.CGPathGetBoundingBox (intptr) <IL 0x00025, 0xffffffff>
  at MonoTouch.CoreGraphics.CGPath.get_BoundingBox () [0x00000] in /Developer/MonoTouch/Source/monotouch/src/shared/CoreGraphics/CGPath.cs:437
  at MrCrashypants.CoreTextView.TouchesBegan (MonoTouch.Foundation.NSSet,MonoTouch.UIKit.UIEvent) [0x0000c] in /Users/jdlouhy/Desktop/MrCrashypants/MrCrashypants/CoreTextView.cs:62
  at (wrapper runtime-invoke) <Module>.runtime_invoke_void__this___object_object (object,intptr,intptr,intptr) <IL 0x0005a, 0xffffffff>
  at (wrapper managed-to-native) MonoTouch.UIKit.UIApplication.UIApplicationMain (int,string[],intptr,intptr) <IL 0x0009f, 0xffffffff>
  at MonoTouch.UIKit.UIApplication.Main (string[],string,string) [0x00042] in /Developer/MonoTouch/Source/monotouch/src/UIKit/UIApplication.cs:29
  at MrCrashypants.Application.Main (string[]) [0x00000] in /Users/jdlouhy/Desktop/MrCrashypants/MrCrashypants/Main.cs:17
  at (wrapper runtime-invoke) <Module>.runtime_invoke_void_object (object,intptr,intptr,intptr) <IL 0x00050, 0xffffffff>

Native stacktrace:

	0   MrCrashypants                       0x0009094c mono_handle_native_sigsegv + 284
	1   MrCrashypants                       0x00005cd8 mono_sigsegv_signal_handler + 248
	2   libsystem_c.dylib                   0x95fa059b _sigtramp + 43
	3   ???                                 0xffffffff 0x0 + 4294967295
	4   CoreGraphics                        0x01442e6b CGPathGetBoundingBox + 88
	5   ???                                 0x113615cf 0x0 + 288757199
	6   ???                                 0x1136156c 0x0 + 288757100
	7   ???                                 0x11361364 0x0 + 288756580
	8   ???                                 0x1136140f 0x0 + 288756751
	9   MrCrashypants                       0x0000a042 mono_jit_runtime_invoke + 722
	10  MrCrashypants                       0x00169f4e mono_runtime_invoke + 126
	11  MrCrashypants                       0x00206748 monotouch_trampoline + 3416
	12  UIKit                               0x021e52cf -[UIWindow _sendTouchesForEvent:] + 272
	13  UIKit                               0x021e55e6 -[UIWindow sendEvent:] + 273
	14  UIKit                               0x021cbdc4 -[UIApplication sendEvent:] + 464
	15  UIKit                               0x021bf634 _UIApplicationHandleEvent + 8196
	16  GraphicsServices                    0x047c5ef5 PurpleEventCallback + 1274
	17  CoreFoundation                      0x011a9195 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION__ + 53
	18  CoreFoundation                      0x0110dff2 __CFRunLoopDoSource1 + 146
	19  CoreFoundation                      0x0110c8da __CFRunLoopRun + 2218
	20  CoreFoundation                      0x0110bd84 CFRunLoopRunSpecific + 212
	21  CoreFoundation                      0x0110bc9b CFRunLoopRunInMode + 123
	22  GraphicsServices                    0x047c47d8 GSEventRunModal + 190
	23  GraphicsServices                    0x047c488a GSEventRun + 103
	24  UIKit                               0x021bd626 UIApplicationMain + 1163
	25  ???                                 0x0cb707ac 0x0 + 213321644
	26  ???                                 0x0cb6f958 0x0 + 213317976
	27  ???                                 0x0cb6f7f0 0x0 + 213317616
	28  ???                                 0x0cb6f87f 0x0 + 213317759
	29  MrCrashypants                       0x0000a042 mono_jit_runtime_invoke + 722
	30  MrCrashypants                       0x00169f4e mono_runtime_invoke + 126
	31  MrCrashypants                       0x0016e034 mono_runtime_exec_main + 420
	32  MrCrashypants                       0x00173455 mono_runtime_run_main + 725
	33  MrCrashypants                       0x00067245 mono_jit_exec + 149
	34  MrCrashypants                       0x002116a5 main + 2837
	35  MrCrashypants                       0x00003095 start + 53

=================================================================
Got a SIGSEGV while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries 
used by your application.
=================================================================
Comment 1 Rolf Bjarne Kvinge [MSFT] 2012-04-26 18:23:14 UTC
Fixed in master (b1599dd) and 5.2-series (59a68154). Unit tests are included.

The fix will be included in the 5.3.4 and 5.2.12 releases.