Native Crash - il2cpp\libil2cpp\vm\Reflection.cpp:171

Hello, after the new release we encounter this crash that affects 20%+ of Android and iOS sessions; please see the platforms stack trace. Seems like it’s Unity related… Any thoughts on how to fix this?

Unity 2021.3.12f1, also tested on 2021.3.16f1, both has the same issue

Thank you for your time and support.

8723775–1179810–androidReflactionCrash.txt (5.93 KB)
8723775–1179813–iosReflectionCrash.txt (75.5 KB)

This looks to be the same cause on both Android and iOS. Is this something that you can reproduce locally? It is not a crash that I’ve seen before.

Hello, thank you for your quick reply.

I’ve made a more detailed research of native stack trace crash (see attached) at _CombatMaster.Battle15.cpp:6970 and I found a matched C# code — please see screenshot attached.

It seems like a Unity exception when we try to make “exception to string”…

Could you please look into it and share your thoughts. Thank you!

8726673–1180530–androidCrash.txt (11.1 KB)
8726673--1180533--crashC#.png
8726673--1180536--CrashIL2cpp.png

It looks like the stack trace generation code runs into a problem processing some async method, or maybe an attribute on an async method somewhere in the call stack. It is likely related to the AsyncUniTaskMethodBuilder type which is used here.

This is not something we have seen before - can you submit a bug report for this?

https://unity.com/releases/editor/qa/bug-reporting

I can’t create a bug report because I can’t reproduce it locally. But as a workaround, I turned off all the logs in the game and the collection of stack traces and… the crash disappeared!

1 Like

We have similar stack trace, the crash happens after an exception being raised in Forget method of UniTask

Crashed: com.apple.main-thread
0  UnityFramework                 0x286cbf0 il2cpp::vm::Reflection::GetMethodObject(MethodInfo const*, Il2CppClass*) + 171 (Reflection.cpp:171)
1  UnityFramework                 0x28447d4 il2cpp::icalls::mscorlib::System::Reflection::RuntimeMethodInfo::get_base_method(Il2CppReflectionMethod*, bool) + 401 (RuntimeMethodInfo.cpp:401)
2                          0x734f2ac MonoCustomAttrs.GetBase (mscorlib__7.cpp)
3                      0x734e8cc MonoCustomAttrs.GetCustomAttributes (mscorlib__7.cpp)
4                      0x732bc00 Attribute.GetCustomAttributes (mscorlib__6.cpp)
5  UnityFramework                 0x457ddec CustomAttributeExtensions_GetCustomAttributes_RuntimeObject_m4D42F650E5486418C833A1D788800BFCBFF7AF11_gshared (GenericMethods__30.cpp)
6                      0x72c9bb4 StackTrace.ConvertAsyncStateMachineMethod (mscorlib__23.cpp)
7                      0x72c9708 StackTrace.GetFullNameForStackTrace (mscorlib__23.cpp)
8                      0x72c9148 StackTrace.AddFrames (mscorlib__23.cpp)
9                      0x72c9f94 StackTrace.ToString (mscorlib__23.cpp)
10                     0x7338bd8 Exception.GetStackTrace (mscorlib__6.cpp)
11                     0x4265034 LoggedException.FromException (Firebase.Crashlytics.cpp)
12                     0x4266bdc IOSImpl.LogException (Firebase.Crashlytics.cpp)

We’ve not been able to track down the cause of this issue. Can you submit a bug report for this?

Hi, @JoshPeterson

Looking into the implementation of get_base_method in IL2CPP and Mono, I found in Mono it checks if slot is valid before accessing vtable:

if (klass == method->klass)
    return method;

/*This is possible if definition == FALSE.
* Do it here to be really sure we don't read invalid memory.
*/
if (slot >= m_class_get_vtable_size (klass))
    return method;

mono_class_setup_vtable (klass);

result = m_class_get_vtable (klass) [slot];

But in IL2CPP, it uses slot to access vtable directly:

if (klass == method2->klass)
    return method;

il2cpp::vm::Class::Init(klass);

result = klass->vtable[method2->slot].method;

Based on it, I tried to create a situation to test:

  • Create a dll, which contains a class ‘A’ which contains a virtual method ‘Foo’
  • Create another dll, which contains a class ‘B’ which inherits class ‘A’ and overrides method ‘Foo’
  • Remove “virtual” from method ‘Foo’ in ‘A’ and recompile the first dll
  • Copy the precompiled dlls created in step 2 and 3 into a Unity project
  • Call GetCustomAttributes for method ‘foo’ in ‘B’ in Unity

It can reproduce a similar crash in 2021.3.28 definitely:

The project has been submitted: IN-48686.

Not sure if this is the same issue with the posts above.

Update:
Unity QA reproduced the crash: Unity Issue Tracker - The Player crashes after start-up when GetCustomAttributes is called

Thanks, this does help. It sounds like this is a bug in IL2CPP, which we will correct. I appreciate the time and effort you put into tracking down the use case here!

1 Like

Hi, the issue tracker posted above says the bug has been ‘fixed’ but we recently got the same inflow of errors on our prod game in Unity 2021.3.11f1

Maybe there is some subtle difference in this case. The fix for the originally reported issue is in 2021.3.11f1. Is this something you can reproduce, or are you only seeing it in crash reports?

2021.3.11f1 doesn’t have the fix, the fix is in 2021.3.32f1.

Oh good point, thank you! I had my version numbers mixed up there.