Bug Native Crash - il2cpp\libil2cpp\vm\Reflection.cpp:171

Hello, after the new release we encounter this crash that affects 20%+ of Android and iOS sessions; please see the platforms stack trace. Seems like it's Unity related... Any thoughts on how to fix this?

Unity 2021.3.12f1, also tested on 2021.3.16f1, both has the same issue

Thank you for your time and support.

 

Hello, thank you for your quick reply.

I’ve made a more detailed research of native stack trace crash (see attached) at _CombatMaster.Battle15.cpp:6970 and I found a matched C# code — please see screenshot attached.

It seems like a Unity exception when we try to make “exception to string”…

Could you please look into it and share your thoughts. Thank you!

 

I can't create a bug report because I can't reproduce it locally. But as a workaround, I turned off all the logs in the game and the collection of stack traces and... the crash disappeared!

 

We have similar stack trace, the crash happens after an exception being raised in Forget method of UniTask

Code (CSharp):

1. Crashed: com.apple.main-thread
2. 0  UnityFramework                 0x286cbf0 il2cpp::vm::Reflection::GetMethodObject(MethodInfo const*, Il2CppClass*) + 171 (Reflection.cpp:171)
3. 1  UnityFramework                 0x28447d4 il2cpp::icalls::mscorlib::System::Reflection::RuntimeMethodInfo::get_base_method(Il2CppReflectionMethod*, bool) + 401 (RuntimeMethodInfo.cpp:401)
4. 2                          0x734f2ac MonoCustomAttrs.GetBase (mscorlib__7.cpp)
5. 3                      0x734e8cc MonoCustomAttrs.GetCustomAttributes (mscorlib__7.cpp)
6. 4                      0x732bc00 Attribute.GetCustomAttributes (mscorlib__6.cpp)
7. 5  UnityFramework                 0x457ddec CustomAttributeExtensions_GetCustomAttributes_RuntimeObject_m4D42F650E5486418C833A1D788800BFCBFF7AF11_gshared (GenericMethods__30.cpp)
8. 6                      0x72c9bb4 StackTrace.ConvertAsyncStateMachineMethod (mscorlib__23.cpp)
9. 7                      0x72c9708 StackTrace.GetFullNameForStackTrace (mscorlib__23.cpp)
10. 8                      0x72c9148 StackTrace.AddFrames (mscorlib__23.cpp)
11. 9                      0x72c9f94 StackTrace.ToString (mscorlib__23.cpp)
12. 10                     0x7338bd8 Exception.GetStackTrace (mscorlib__6.cpp)
13. 11                     0x4265034 LoggedException.FromException (Firebase.Crashlytics.cpp)
14. 12                     0x4266bdc IOSImpl.LogException (Firebase.Crashlytics.cpp)

 

Hi, @JoshPeterson

Looking into the implementation of

get_base_method

in IL2CPP and Mono, I found in Mono it checks if slot is valid before accessing vtable:

Code (CSharp):

1. if (klass == method->klass)
2.     return method;
3.  
4. /*This is possible if definition == FALSE.
5. * Do it here to be really sure we don't read invalid memory.
6. */
7. if (slot >= m_class_get_vtable_size (klass))
8.     return method;
9.  
10. mono_class_setup_vtable (klass);
11.  
12. result = m_class_get_vtable (klass) [slot];
13.  

But in IL2CPP, it uses slot to access vtable directly:

Code (CSharp):

1. if (klass == method2->klass)
2.     return method;
3.  
4. il2cpp::vm::Class::Init(klass);
5.  
6. result = klass->vtable[method2->slot].method;

Based on it, I tried to create a situation to test:

1. Create a dll, which contains a class 'A' which contains a virtual method 'Foo'
2. Create another dll, which contains a class 'B' which inherits class 'A' and overrides method 'Foo'
3. Remove "virtual" from method 'Foo' in 'A' and recompile the first dll
4. Copy the precompiled dlls created in step 2 and 3 into a Unity project
5. Call GetCustomAttributes for method 'foo' in 'B' in Unity

It can reproduce a similar crash in 2021.3.28 definitely:

The project has been submitted: IN-48686.

Not sure if this is the same issue with the posts above.

Update:
Unity QA reproduced the crash: https://issuetracker.unity3d.com/is...r-start-up-when-getcustomattributes-is-called

 

Hi, the issue tracker posted above says the bug has been 'fixed' but we recently got the same inflow of errors on our prod game in Unity 2021.3.11f1

 

2021.3.11f1 doesn't have the fix, the fix is in 2021.3.32f1.