Il2CPP crashes

Hello, we do some playtesting for our game on Windows Steam and several testers got crushes during the play. I've attached crashes with dumps. Can anyone help me understanding the problem and what steps I need to do to resolve this issue?

```Read from location 0000000C caused an access violation.

Context:
EDI: 0x20be94cc ESI: 0x20be94b0 EAX: 0x20be94b0
EBX: 0x2fd0a190 ECX: 0x00000000 EDX: 0x00000000
EIP: 0x58865e5f EBP: 0x003af254 SegCs: 0x00000023
EFlags: 0x00210202 ESP: 0x003af24c SegSs: 0x0000002b

Bytes at CS:EIP:
3b 4a 0c 75 18 ff 35 24 4a e8 59 8d 04 09 50 57

No mono DLL path set. This app is either running IL2CPP, or the crash occurred before mono was initialized.

Stack Trace of Crashed Thread 12764:
0x58865E5F (GameAssembly) WriteZStream
0x59090D5B (GameAssembly) WriteZStream
0x590899C0 (GameAssembly) WriteZStream
ERROR: SymGetSymFromAddr64, GetLastError: 'Attempt to access invalid address.' (Address: 58508E9C)
0x58508E9C (GameAssembly) (function-name not available)
0x5860BECF (GameAssembly) UnityPalGetTimeZoneDataForID
0x585D5076 (GameAssembly) il2cpp_runtime_invoke
0x5A7BF107 (UnityPlayer) UnityMain
0x5A7CC6C5 (UnityPlayer) UnityMain
0x5A7CC7CC (UnityPlayer) UnityMain
0x5A7F3957 (UnityPlayer) UnityMain
0x5A7D40C8 (UnityPlayer) UnityMain
0x5A5DB402 (UnityPlayer) UnityMain
0x5A54F500 (UnityPlayer) UnityMain
0x5A54F4A7 (UnityPlayer) UnityMain
0x5A54F4A7 (UnityPlayer) UnityMain
0x5A54F4A7 (UnityPlayer) UnityMain
0x5A54F4A7 (UnityPlayer) UnityMain
0x5A54F36F (UnityPlayer) UnityMain
0x5A55045A (UnityPlayer) UnityMain
0x5A6DB5BA (UnityPlayer) UnityMain
0x5A6FADE3 (UnityPlayer) UnityMain
0x5A6F4AC9 (UnityPlayer) UnityMain
0x5A6F6521 (UnityPlayer) UnityMain
0x5A6E41F3 (UnityPlayer) UnityMain
0x5A6E4270 (UnityPlayer) UnityMain
0x5A6E5EF0 (UnityPlayer) UnityMain
ERROR: SymGetSymFromAddr64, GetLastError: 'Attempt to access invalid address.' (Address: 5A506588)
0x5A506588 (UnityPlayer) (function-name not available)
ERROR: SymGetSymFromAddr64, GetLastError: 'Attempt to access invalid address.' (Address: 5A5055A8)
0x5A5055A8 (UnityPlayer) (function-name not available)
ERROR: SymGetSymFromAddr64, GetLastError: 'Attempt to access invalid address.' (Address: 5A508CDC)
0x5A508CDC (UnityPlayer) (function-name not available)
0x5A50BAA5 (UnityPlayer) UnityMain
ERROR: SymGetSymFromAddr64, GetLastError: 'Attempt to access invalid address.' (Address: 00221015)
0x00221015 (Until We Die) (function-name not available)
ERROR: SymGetSymFromAddr64, GetLastError: 'Attempt to access invalid address.' (Address: 002211D9)
0x002211D9 (Until We Die) (function-name not available)
0x756EFA29 (KERNEL32) BaseThreadInitThunk
0x77087C7E (ntdll) RtlGetAppContainerNamedObjectPath
0x77087C4E (ntdll) RtlGetAppContainerNamedObjectPath```

6939523--815566--Crash_2021-03-15_215231517.zip (56.9 KB)
6939523--815569--Crashes_UWD_16.03.21.zip (262 KB)

1 Like

You may want to try to change the C++ compiler configuration to be Debug in the Player Settings. This will give you a debug build of the generated C++ code that came from IL2CPP. That will allow you to see a better stack trace (this one looks like it is not symbolicated correctly).

You can also use the option in the build setting to generated a Visual Studio solution when you build. If you open that solution, you can debug the generated C++ code, which might give a hint about what is happening.

Hey, you generally shouldn't look at the logs for shipped games: they will not have enough debug information to print out the correct callstack. The dump files you attached contain the right callstack, though you need the PDB files to actually be able to resolve them.

When you create a build with IL2CPP, a folder named "_BackUpThisFolder_ButDontShipItWithYourGame" gets created. Can you attach its contents here (.pdb + generated C++ files)? You can PM them to me as they may contain your private source code information. I can see that the crash is inside generated C++ code, but I cannot tell any more without those debug symbols.

Guys, thanks a lot for your advices, it seems I messed with some unsafe stuff this time. :hushed:
We have fixed the issue. I will leave this thread open in case if I'm wrong

We have met the same error, how did you fixed it?

I am also getting a similar error, may I ask how it was fixed?

One of my players reported this issue, a bit different stacktrace but he got it fixed by removing Powershell from windows PATH. Unity loads too many dlls?

Well that sounds fun. That DLL is actually part of Windows 8+, and we do try to load it on startup. I guess for whatever reason powershell includes them? That’s so weird. Do you have any dumps you can share from the crashes that resulted from this?

He’s using Windows 7 SP1 so maybe these dlls in powershell are a bit old? I have dmp but pdbs seem to not work anymore after overwriting them with newer build.

Stack:

0x000007FEC638F53D (GameAssembly) il2cpp_value_box
0x000007FEC638FD74 (GameAssembly) il2cpp_value_box
0x000007FEC88405D1 (GameAssembly) WriteZStream
0x000007FEC8428690 (GameAssembly) WriteZStream
0x000007FEC8427D41 (GameAssembly) WriteZStream
0x000007FEC8430845 (GameAssembly) WriteZStream
0x000007FEC839261C (GameAssembly) WriteZStream
0x000007FEC7DFF892 (GameAssembly) WriteZStream
0x000007FEC853E1B3 (GameAssembly) WriteZStream
0x000007FEC6B5CA36 (GameAssembly) WriteZStream
0x000007FEC848E44C (GameAssembly) WriteZStream
  ERROR: SymGetSymFromAddr64, GetLastError: 'Attempt to access invalid address.' (Address: 000007FEC5F52A91)
0x000007FEC5F52A91 (GameAssembly) (function-name not available)
0x000007FEC6407CE3 (GameAssembly) DllGetActivationFactory
0x000007FEC63DB1EF (GameAssembly) UnityPalGetTimeZoneDataForID
0x000007FEC6394092 (GameAssembly) il2cpp_value_box
0x000007FEC6395573 (GameAssembly) il2cpp_value_box
0x00000000778655DD (kernel32) BaseThreadInitThunk
0x0000000077AC2B1D (ntdll) RtlUserThreadStart

Yeah that callstack is garbage. Without original PDBs, you will not be able to resolve the callstack. That’s why the directory is named “BackupThisFolder” :). You cannot recreate them once you delete them.

I highly doubt those two DLLs are the cause for the crash, since they are used by UnityPlayer.dll, not GameAssembly.dll. It could be that GameAssembly.dll also doesn’t play nice with powershell on Windows 7…

Hmm, nevermind it seems to be more serious. Different player reported same stacktrace but it happened after playing the game for few mins on Win10. Ill update Unity to the newest one (from 2020.3.25 to 27) make a build and save pdbs.

#Edit
Also crashes on 27. My vs is loading dmp rn.

#Edit2
Dmp stacktrace:

     [Inline Frame] GameAssembly.dll!il2cpp::utils::ExceptionSupportStack<Il2CppObject *,3>::top() Line 37    C++
     GameAssembly.dll!U3CConnectSocketAsyncU3Ed__25_MoveNext_m7814B38F91E8536733A0376CF4094DAEAAA4E5F7(U3CConnectSocketAsyncU3Ed__25_t0E25D59582E216B9052D4EEBAF014F75C4FCCE95 * __this, const MethodInfo * method) Line 37839    C++
     GameAssembly.dll!ContextCallback_Invoke_mF4F8496213E8F0925947DD8994A477AE2E54EFDF(ContextCallback_t93707E0430F4FF3E15E1FB5A4844BE89C657AE8B * __this, Il2CppObject * ___state0, const MethodInfo * method) Line 22160    C++
     GameAssembly.dll!ExecutionContext_RunInternal_mC5D58D6EDE270B4CDA05181E9064E040D6692B2B(ExecutionContext_t16AC73BB21FEEEAD34A017877AC18DD8BB836414 * ___executionContext0, ContextCallback_t93707E0430F4FF3E15E1FB5A4844BE89C657AE8B * ___callback1, Il2CppObject * ___state2, bool ___preserveSyncCtx3, const MethodInfo * method) Line 34557    C++
>    GameAssembly.dll!MoveNextRunner_Run_mF9986F86D538F629861F62DD912B18CC58980D8B(MoveNextRunner_tFAEA0BEDD353E2E34E8E287C67B1F5572FD30C2D * __this, const MethodInfo * method) Line 25934    C++
     GameAssembly.dll!CurrentUserUpdateHandler_Invoke_m835DD5CA213BCC95E723A956A6812BB17C3A6A05(CurrentUserUpdateHandler_t1BC7782B2DAFED129FF43DFDC8882924B2F25FDD * __this, const MethodInfo * method) Line 27970    C++
     GameAssembly.dll!AwaitTaskContinuation_RunOrScheduleAction_m0969B6B0998248D42B6E4D04AC29ADE2D62B6412(Action_tAF41423D285AE0862865348CF6CE51CD085ABBA6 * ___action0, bool ___allowInlining1, Task_t804B25CFE3FC13AAEE16C8FA3BF52513F2A8DB60 * * ___currentTask2, const MethodInfo * method) Line 28396    C++
     GameAssembly.dll!Task_FinishContinuations_m41A7DC9B3A0DC7181BC0B5D353E5A702D1B2D0FF(Task_t804B25CFE3FC13AAEE16C8FA3BF52513F2A8DB60 * __this, const MethodInfo * method) Line 32912    C++
     GameAssembly.dll!Task_Finish_m924F5D1414BDC1A572D3C925CD9FBD4147C09FD5(Task_t804B25CFE3FC13AAEE16C8FA3BF52513F2A8DB60 * __this, bool ___bUserDelegateExecuted0, const MethodInfo * method) Line 30194    C++
     GameAssembly.dll!Task_1_TrySetException_mAEC49933FB8034AA98C144D4F9122BE42B89BB0B_gshared(Task_1_t65FD5EE287B61746F015BBC8E90A97D38D258FB3 * __this, Il2CppObject * ___exceptionObject0, const MethodInfo * method) Line 11013    C++
     GameAssembly.dll!TaskFactory_1_FromAsyncCoreLogic_m275BD4B3DCBB279B30F09EDF17FE238E8FF9B1A6_gshared(Il2CppObject * ___iar0, Func_2_t93436DB66248BF735350EEC072257D84453153ED * ___endFunction1, Action_1_tA4ED4B57984FE5F6E13A416523D6DF1DD51BEB76 * ___endAction2, Task_1_t65FD5EE287B61746F015BBC8E90A97D38D258FB3 * ___promise3, bool ___requiresSynchronization4, const MethodInfo * method) Line 13225    C++
     GameAssembly.dll!U3CU3Ec__DisplayClass41_1_2_U3CFromAsyncImplU3Eb__1_m3C725EB4CD0E34A0C5F7EF148895C9BA26E7F2FA_gshared(U3CU3Ec__DisplayClass41_1_2_tEBE5D257DDF5C945B4BA88CD4A251C3222AA8BC1 * __this, Il2CppObject * ___iar0, const MethodInfo * method) Line 160533    C++
     GameAssembly.dll!AsyncCallback_Invoke_mFCCCB843AEC4B5B3FC89BCED2BA839783920EA47(AsyncCallback_tA7921BEF974919C46FF8F9D9867C567B200BB0EA * __this, Il2CppObject * ___ar0, const MethodInfo * method) Line 23451    C++
     GameAssembly.dll!DataReceivedHandler_Invoke_m1F4323C0D94981031A547AD42494D8B465339E9D(DataReceivedHandler_tA9DACE28B74769B0668807EC0A9D3744ACB348D1 * __this, String_t * ___value0, const MethodInfo * method) Line 43501    C++
     GameAssembly.dll!ThreadPoolWorkQueue_Dispatch_mCC5743D99870EC7844CAB3FF3FA7D23A44A4A984(const MethodInfo * method) Line 24623    C++
     GameAssembly.dll!RuntimeInvoker_FalseRefInstance_t1BFBBBB45B2FB90281237C356B5E55761782ECA8(void(*)() methodPointer, const MethodInfo * methodMetadata, void * obj, void * * args) Line 506549    C++
     GameAssembly.dll!worker_thread(void * data) Line 251    C++
     GameAssembly.dll!il2cpp::vm::ThreadStart(void * arg) Line 708    C++
     GameAssembly.dll!il2cpp::os::Thread::RunWrapper(void * arg) Line 186    C++
     GameAssembly.dll!il2cpp::os::ThreadStartWrapper(void * arg) Line 28    C++
     kernel32.dll!BaseThreadInitThunk()    Unknown
     ntdll.dll!RtlUserThreadStart()    Unknown


Looks like this crash is caused by MQTTnet and its managed client https://github.com/dotnet/MQTTnet/wiki/ManagedClient as it runs on separate thread. No idea if it's their bug or il2cpp but somehow it crashes only for few.

To make sure my context switching to main thread wasn't the issue I've tried making a build that doesn't do anything other than connecting and it also crashed.

For now I'll disable it (and chat in my game) but hopefully it can be fixed as I want to use it for any server to client communication/notifications.

Can you report a bug?

Sure case 1400545.

1 Like

I made a small build with only Steam login that authorizes with mqtt and publish message button. It crashes for the player when he spams the button (doesn’t on my pc when I do the same). I’ll try making a build that doesn’t require steam and access to my game, for now this excludes DataReceivedHandler or CurrentUserUpdateHandler being a problem as those are handlers for native plugins like discord sdk.

Any news? Is it fixable from dmp alone?

Hey, I've been looking at the bug report details today. Unfortunately I don't think we can fix it from the dump report alone.

It looks like there is some problem with IL2CPP's exception handling flow control - the crash happens because we hit an assert that should never be true. Basically IL2CPP keeps a stack of in-flight exceptions - in this case it goes to pop one off that stack, but the stack is empty. So this is necessarily a flow control thing we need to debug. Inspecting the code, I don't see how this could ever happen, but clearly it does!

Do you have any possibility of moving to Unity 2021.2 or later, at least to try this? The exception flow control code is better in that version and later. I wonder if this issue is "fixed" there.

Hey, thanks for looking into it. I’ve sent build with Unity 2021.2.11 to the crashing user and waiting for response. I’m not very optimistic of moving game to 2021.2 but I removed all ECS usage few months ago so it’s possible.

1 Like

One of my players also got a similar error this week with UnityPalGetTimeZoneDataForID.

Unable to reproduce it but my player can. DM me your Discord or list of assets, maybe we use a common asset or something.

Nevermind my post above. This was from Shaders.Find, which was reproducible on my player’s computer but not mine. Added the shader to “Always Included Shaders”.