-[NSInvocation getReturnValue:] with double value produces 0 unexpectedly

Asked 9/11, 2013 at 9:37 Answered 2/7, 2020 at 21:22

Solved ios objective-c ipad nsinvocation arm64

I am trying to call a method that returns a double using NSInvocation. But I found that it does not working in 64 bit iOS apps. It works on on OS X, in the simulator -- both 32-bit and 64 bit -- iPad 2, and iPad Air with a 32-bit build. Only the 64-bit build on an iPad Air device has this problem.

This is the code to demo the problem:

NSMethodSignature *signature = [NSString instanceMethodSignatureForSelector:@selector(doubleValue)];
for (int i = 0; i < 10; i++) {
    NSInvocation *invocation = [NSInvocation invocationWithMethodSignature:signature];
    NSString *str = [NSString stringWithFormat:@"%d", i];
    [invocation setTarget:str];
    [invocation setSelector:@selector(doubleValue)];
    [invocation invoke];
    union {
        double d;
        uint64_t u;
    } d;
    [invocation getReturnValue:&d.d];
    NSLog(@"%lf, %llx", d.d, d.u);
}

expected output

2013-11-09 22:34:18.645 test[49075:907] 0.000000, 0
2013-11-09 22:34:18.647 test[49075:907] 1.000000, 3ff0000000000000
2013-11-09 22:34:18.648 test[49075:907] 2.000000, 4000000000000000
2013-11-09 22:34:18.649 test[49075:907] 3.000000, 4008000000000000
2013-11-09 22:34:18.650 test[49075:907] 4.000000, 4010000000000000
2013-11-09 22:34:18.651 test[49075:907] 5.000000, 4014000000000000
2013-11-09 22:34:18.652 test[49075:907] 6.000000, 4018000000000000
2013-11-09 22:34:18.653 test[49075:907] 7.000000, 401c000000000000
2013-11-09 22:34:18.654 test[49075:907] 8.000000, 4020000000000000
2013-11-09 22:34:18.654 test[49075:907] 9.000000, 4022000000000000

Output for the 64-bit build on iPad Air

2013-11-09 22:33:55.846 test[998:60b] 0.000000, 18710a969
2013-11-09 22:33:55.847 test[998:60b] 0.000000, 18710a969
2013-11-09 22:33:55.848 test[998:60b] 0.000000, 18710a969
2013-11-09 22:33:55.848 test[998:60b] 0.000000, 18710a969
2013-11-09 22:33:55.849 test[998:60b] 0.000000, 18710a969
2013-11-09 22:33:55.849 test[998:60b] 0.000000, 18710a969
2013-11-09 22:33:55.850 test[998:60b] 0.000000, 18710a969
2013-11-09 22:33:55.850 test[998:60b] 0.000000, 18710a969
2013-11-09 22:33:55.851 test[998:60b] 0.000000, 18710a969
2013-11-09 22:33:55.851 test[998:60b] 0.000000, 18710a969

This also happen for float value.

2013-11-09 23:51:10.021 test[1074:60b] -0.000000, 80000000
2013-11-09 23:51:10.023 test[1074:60b] -0.000000, 80000000
2013-11-09 23:51:10.024 test[1074:60b] -0.000000, 80000000
2013-11-09 23:51:10.024 test[1074:60b] -0.000000, 80000000
2013-11-09 23:51:10.025 test[1074:60b] -0.000000, 80000000
2013-11-09 23:51:10.026 test[1074:60b] -0.000000, 80000000
2013-11-09 23:51:10.026 test[1074:60b] -0.000000, 80000000
2013-11-09 23:51:10.027 test[1074:60b] -0.000000, 80000000
2013-11-09 23:51:10.027 test[1074:60b] -0.000000, 80000000
2013-11-09 23:51:10.028 test[1074:60b] -0.000000, 80000000

Slier answered 9/11, 2013 at 9:37 Comment(10)

Out of curiosity, could you split [invocation setTarget:[NSString stringWithFormat:@"%d", i]]; in two lines? NSString *t=[NSString stringWithFormat:@"%d", i]; [invocation setTarget:t];? I am wondering if the target string gets released prematurely. – Corbel 9/11, 2013 at 9:56

I have no idea what the problem is, but your method of printing the double as hex might not work correctly if a double vararg is treated differently from a long long vararg. - Better define a union { double d; uint64_t x; } u; and use it like NSLog(@"%lf, %llx", u.d, u.x);. – Macrobiotic 9/11, 2013 at 9:57

@dasblinkenlight: Interesting thought. If that's what's happening, [invocation retainArguments] would fix it. – Astatine 9/11, 2013 at 10:0

@dasblinkenlight updated code, no difference. I am using ARC and [NSString stringWithFormat:] return autoreleased object anyway, so it won't be the problem – Slier 9/11, 2013 at 10:11

@MartinR updated code, no difference. it only remove a compiler warning. – Slier 9/11, 2013 at 10:13

Did you try retainArguments? – Astatine 9/11, 2013 at 10:31

@JoshCaswell yes. no help. – Slier 9/11, 2013 at 10:46

Perhaps somebody can check it on an iPhone 5s, which can also run 64-bit code. – Macrobiotic 9/11, 2013 at 10:54

This smells like an alignment issue. Can you try w/out the union? – Joseph 11/11, 2013 at 21:10

@Joseph actually the original code was no union. You can check edit history for first version – Slier 11/11, 2013 at 21:16

Agreed with @David H that NSInvocation is broken in this case, or possibly the NSString doubleValue method. I was able to force it to work, however.

It appears to me that NSInvocation is broken due to a calling-convention issue / mismatch. Typically, parameters and return values for objective-c methods are passed in registers. (objc_msgSend knows how to perform this type of call.) But if a parameter or return value is a struct or type that doesn't fit in a register then they're passed on the stack. (objc_msgSend_stret performs this type of call.) NSInvocation typically uses the method signature to be able to decide whether it needs to call objc_msgSend or objc_msgSendStret. I'm guessing that now it also needs to know what platform it's operating on, and this is where the bug lies.

I played around with your code a bit and it appears that on arm64 the double return value is being passed as a structure would be, yet NSInvocation is treating it as being passed in a register. I have no idea which side is correct. (I know only enough in this area to be dangerous. My fingers are crossed that someone with more low-level chops than I comes along and reads this, and provides a better explanation!)

That said, it appears to me that there are significant changes in how parameters and results are passed in arm (32bit) vs. arm64. See the Result Return sections in both the ARM Procedure Call Standard for arm64 and ARM Procedure Call Standard (non-64 bit).

I was able to force NSInvocation to treat the call as returning a struct containing a double, and this made it work as expected. To do this I faked out the method signature to a fake signature of a method returning a struct. I placed this in a NSString category but it could live anywhere.

Not knowing what specifically is broken, or what will happen when it's fixed, I wouldn't likely ship code with this 'fix'. I'd find some other workaround.

typedef struct
{
    double d;

} doubleStruct;

@interface NSString (TS)
- (doubleStruct) ts_doubleStructValue;
@end
@implementation NSString (TS)
- (doubleStruct) ts_doubleStructValue
{
    doubleStruct ds;
    return ds;
}
@end


- (void) test
{
    NSMethodSignature *signature = [NSString instanceMethodSignatureForSelector: @selector( ts_doubleStructValue )];
    for (int i = 0; i < 10; i++) {
        NSInvocation *invocation = [NSInvocation invocationWithMethodSignature:signature];
        NSString *str = [NSString stringWithFormat:@"%d", i];
        [invocation setTarget:str];
        [invocation setSelector:@selector(doubleValue)];
        [invocation invoke];

        double d;
        [invocation getReturnValue: &d];

        NSLog(@"%lf", d);
    }
}

Joseph answered 11/11, 2013 at 23:57 Comment(2)

I think I'm seeing the same issue with NSInvocation on arm64 with a void return value, but an enum sized to an NSInteger (using NS_ENUM) passed as a parameter. I get an EXC_BAD_ACCESS. Everything is called synchronously (no async dispatch) and all is retained so it shouldn't be a memory issue. And has worked on armv7(s) for several year in our app. :-P – Ichabod 16/12, 2014 at 16:12

I am seeing the same symptoms on a mid 2010 MBP running a command line app so it seems that this isn't limited to arm chips. Furthermore, the invocations work with an int (64 bit) but not with a double (also 64 bit) so it t seems like it's not a data size specific issue. – Anthemion 12/3, 2015 at 20:17

You have no hope of getting this to work at the current time. I tried many variations of your code, and tested on an iPhone 5S and the latest Simulator in both 32 and 64 bit mode, but this must be a bug with arm64 since the 64bit simulator works just fine.

So first I modified your code to try all kinds of variations, and it turns out using floatValue fails as well. Since the size of a float is common, this reduces the number of variables between the various trial platforms.

Also, I tried to use a NSNumber target created using an integral and float method: the float method actually results in a crash! I tried other options like retaining the string and setting the invocation retain setting, no change.

I've entered a bug on this: 15441447: NSInvocation fails only on arm64 devices - anyone concerned about it can dup it. I uploaded a demo project as well.

The code I uploaded is:

- (void)test
{
    NSMethodSignature *signature = [NSString instanceMethodSignatureForSelector:@selector(floatValue)];
    for (int i = 0; i < 10; i++) {
        NSInvocation *invocation = [NSInvocation invocationWithMethodSignature:signature];

#if 0
        NSString *str = [NSString stringWithFormat:@"%d", i];
        [invocation setTarget:str]; // fails on iPhone 5s
#else
        //[invocation setTarget:[NSNumber numberWithFloat:(float)i]]; // crashes in 'invoke' on iPhone 5s, works fine in simulator
        [invocation setTarget:[NSNumber numberWithInteger:i]]; // fails on iphone 5S
#endif
        [invocation setSelector:@selector(floatValue)];

        [invocation invoke];

        float f;
        [invocation getReturnValue:&f];

        NSLog(@"%f", f);
    }
}

Baugher answered 11/11, 2013 at 22:31 Comment(0)

Fix based on @TomSwift answer.

    - (void)testInvocation
    {
        NSInvocation *invocation = [[self class] invocationWithObject:self selector:@selector(getAFloat)];

        [invocation setTarget:self];
        [invocation invoke];

        double d;
        [invocation getReturnValue: &d];
        NSLog(@"d == %f", d);

        return YES;
    }

    + (NSInvocation *)invocationWithObject:(id)object selector:(SEL)selector
    {
        NSMethodSignature *sig = [object methodSignatureForSelector:selector];
        if (!sig) {
            return nil;
        }

    #ifdef __LP64__
        BOOL isReturnDouble = (strcmp([sig methodReturnType], "d") == 0);
        BOOL isReturnFloat = (strcmp([sig methodReturnType], "f") == 0);

        if (isReturnDouble || isReturnFloat) {
            typedef struct {double d;} doubleStruct;
            typedef struct {float f;} floatStruct;

            NSMutableString *types = [NSMutableString stringWithFormat:@"%s@:", isReturnDouble ? @encode(doubleStruct) : @encode(floatStruct)];
            for (int i = 2; i < sig.numberOfArguments; i++) {
                const char *argType = [sig getArgumentTypeAtIndex:i];
                [types appendFormat:@"%s", argType];
            }

            sig = [NSMethodSignature signatureWithObjCTypes:[types UTF8String]];
        }
    #endif

        NSInvocation *inv = [NSInvocation invocationWithMethodSignature:sig];
        [inv setSelector:selector];
        return inv;
    }

Herniorrhaphy answered 11/4, 2014 at 9:19 Comment(0)

Wow this is still apparently broken today and now in the simulator too (where I'm testing it). I got bit by this bug today, found my double arguments were always coming back zero in the selector of the invocation.

In my case it was easy to just send it as an NSNumber with @(myDouble) as the argument and then on the other side unwrap it with myNumber.doubleValue

Nasty.

Martelli answered 2/7, 2020 at 21:22 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags