Fixed in 2021.2.X

Fixed in 2019.4.X, 2020.3.X, 2021.1.X

Votes

1

Found in

2019.4.28f1

Issue ID

1343375

Regression

No

[Android][IL2CPP] Data misalignment crash in deserializing google protobuf message field

IL2CPP

Repro steps:
1. Open project "anrdoid_64bit_read_crash 2.zip"
2. Make sure Scripting Backend is set to IL2CPP
3. Build and Run on Android
4. Press the button on the screen

Actual: App crashes
Expected: App doesn't crash

Reproducible with: 2019.4.28f1, 2020.3.12f1, 2021.1.12f1, 2021.2.0a17
Not reproducible with: 2021.2.0a18, 2021.2.0b1
Couldn't test 2018.4

Tested and reproduced on these devices:
VLNQA00288, Samsung Galaxy J7 (SM-J730F), Android 8.1.0, CPU: Exynos 7 Octa 7870, GPU: Mali-T830
VLNQA00022, Xiaomi Redmi Note 3 (Redmi Note 3), Android 6.0.1, CPU: Snapdragon 617 MSM8952, GPU: Adreno (TM) 510
N/A, Google Pixel 3 XL (Pixel 3 XL), Android 11, CPU: NOT FOUND, GPU: Adreno (TM) 630
N/A, Huawei - (NOH-NX9), Android 10, CPU: NOT FOUND, GPU: Mali-G78
VLNQA00001, Google Pixel 2 (Pixel 2), Android 11, CPU: Snapdragon 835 MSM8998, GPU: Adreno (TM) 540
VLNQA00316, Samsung Galaxy Note10 (SM-N970F), Android 9, CPU: Exynos 9 Series 9825, GPU: Mali-G76

Didn't reproduce on:
iPhone 11 (iOS 13.5)

Notes:
- Couldn't reproduce on Mac/Windows Standalones
- Couldn't reproduce on iOS

06-16 22:06:54.065 30644 30667 E AndroidRuntime: signal 7 (SIGBUS), code 1 (BUS_ADRALN), fault addr 0xa8ed2cbd
06-16 22:06:54.065 30644 30667 E AndroidRuntime: r0 a8ed2cbd r1 adc33a40 r2 bfd7f084 r3 bfd7efec
06-16 22:06:54.065 30644 30667 E AndroidRuntime: r4 0000000d r5 00000008 r6 a8ed2ca8 r7 c063f5ed
06-16 22:06:54.065 30644 30667 E AndroidRuntime: r8 bfea62b4 r9 c062ff64 r10 c062f58c r11 bf828f18
06-16 22:06:54.065 30644 30667 E AndroidRuntime: ip 00000000 sp bfa3ad20 lr bfea6554 pc bfd7f084
06-16 22:06:54.065 30644 30667 E AndroidRuntime:
06-16 22:06:54.065 30644 30667 E AndroidRuntime: backtrace:
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #00 pc 0033f084 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libil2cpp.so (BuildId: e4bda827784e3e3b266efe46f8adea7753ec780f)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #01 pc 00466550 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libil2cpp.so (BuildId: e4bda827784e3e3b266efe46f8adea7753ec780f)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #02 pc 0077cc54 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libil2cpp.so (BuildId: e4bda827784e3e3b266efe46f8adea7753ec780f)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #03 pc 0077f434 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libil2cpp.so (BuildId: e4bda827784e3e3b266efe46f8adea7753ec780f)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #04 pc 00941944 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libil2cpp.so (BuildId: e4bda827784e3e3b266efe46f8adea7753ec780f)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #05 pc 00333b6c /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libil2cpp.so (BuildId: e4bda827784e3e3b266efe46f8adea7753ec780f)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #06 pc 0084e7b0 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libil2cpp.so (BuildId: e4bda827784e3e3b266efe46f8adea7753ec780f)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #07 pc 0084d884 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libil2cpp.so (BuildId: e4bda827784e3e3b266efe46f8adea7753ec780f)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #08 pc 0084d4c0 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libil2cpp.so (BuildId: e4bda827784e3e3b266efe46f8adea7753ec780f)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #09 pc 001d63a0 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libil2cpp.so (BuildId: e4bda827784e3e3b266efe46f8adea7753ec780f)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #10 pc 001d622c /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libil2cpp.so (BuildId: e4bda827784e3e3b266efe46f8adea7753ec780f)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #11 pc 00247515 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libunity.so (scripting_method_invoke(ScriptingMethodPtr, ScriptingObjectPtr, ScriptingArguments&, ScriptingExceptionPtr*, bool)+92) (BuildId: 7af9866ce7073e1388efccf703ca93f54c2e36ef)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #12 pc 00253d67 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libunity.so (ScriptingInvocation::Invoke(ScriptingExceptionPtr*, bool)+94) (BuildId: 7af9866ce7073e1388efccf703ca93f54c2e36ef)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #13 pc 0025da41 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libunity.so (MonoBehaviour::CallUpdateMethod(int)+160) (BuildId: 7af9866ce7073e1388efccf703ca93f54c2e36ef)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #14 pc 000f572b /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libunity.so (void BaseBehaviourManager::CommonUpdate<BehaviourManager>()+122) (BuildId: 7af9866ce7073e1388efccf703ca93f54c2e36ef)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #15 pc 000f569d /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libunity.so (BehaviourManager::Update()+16) (BuildId: 7af9866ce7073e1388efccf703ca93f54c2e36ef)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #16 pc 00167821 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libunity.so (InitPlayerLoopCallbacks()::UpdateScriptRunBehaviourUpdateRegistrator::Forward()+44) (BuildId: 7af9866ce7073e1388efccf703ca93f54c2e36ef)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #17 pc 00167d27 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libunity.so (ExecutePlayerLoop(NativePlayerLoopSystem*)+66) (BuildId: 7af9866ce7073e1388efccf703ca93f54c2e36ef)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #18 pc 00167d67 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libunity.so (ExecutePlayerLoop(NativePlayerLoopSystem*)+130) (BuildId: 7af9866ce7073e1388efccf703ca93f54c2e36ef)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #19 pc 00167f21 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libunity.so (PlayerLoop()+224) (BuildId: 7af9866ce7073e1388efccf703ca93f54c2e36ef)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #20 pc 002b628f /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libunity.so (UnityPlayerLoop()+494) (BuildId: 7af9866ce7073e1388efccf703ca93f54c2e36ef)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #21 pc 002ccfa1 /data/app/~~-gYFL7QeZPLJPGpFCT-iig==/com.DefaultCompany.anrdoid_64bit_read_crash-LSXpg88ZyKPjVBD3hzrx4g==/lib/arm/libunity.so (nativeRender(_JNIEnv*, _jobject*)+40) (BuildId: 7af9866ce7073e1388efccf703ca93f54c2e36ef)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: #22 pc 000d70dd /apex/com.android.art/lib/libart.so (art_quick_alloc_string_from_chars_region_tlab_instrumented+76) (BuildId: 411163f681666e1c830637f4e9c59ea5)
06-16 22:06:54.065 30644 30667 E AndroidRuntime:
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libil2cpp.0x33f084(Native Method)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libil2cpp.0x466550(Native Method)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libil2cpp.0x77cc54(Native Method)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libil2cpp.0x77f434(Native Method)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libil2cpp.0x941944(Native Method)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libil2cpp.0x333b6c(Native Method)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libil2cpp.0x84e7b0(Native Method)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libil2cpp.0x84d884(Native Method)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libil2cpp.0x84d4c0(Native Method)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libil2cpp.0x1d63a0(Native Method)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libil2cpp.0x1d622c(Native Method)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libunity.scripting_method_invoke(ScriptingMethodPtr, ScriptingObjectPtr, ScriptingArguments&, ScriptingExceptionPtr*, bool)(scripting_method_invoke:92)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libunity.ScriptingInvocation::Invoke(ScriptingExceptionPtr*, bool)(Invoke:94)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libunity.MonoBehaviour::CallUpdateMethod(int)(CallUpdateMethod:160)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libunity.void BaseBehaviourManager::CommonUpdate<BehaviourManager>()(CommonUpdate<BehaviourManager>:122)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libunity.BehaviourManager::Update()(Update:16)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libunity.InitPlayerLoopCallbacks()::UpdateScriptRunBehaviourUpdateRegistrator::Forward()(InitPlayerLoopCallbacks:44)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libunity.ExecutePlayerLoop(NativePlayerLoopSystem*)(ExecutePlayerLoop:66)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libunity.ExecutePlayerLoop(NativePlayerLoopSystem*)(ExecutePlayerLoop:130)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libunity.PlayerLoop()(PlayerLoop:224)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libunity.UnityPlayerLoop()(UnityPlayerLoop:494)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libunity.nativeRender(_JNIEnv*, _jobject*)(nativeRender:40)
06-16 22:06:54.065 30644 30667 E AndroidRuntime: at libart.art_quick_alloc_string_from_chars_region_tlab_instrumented(art_quick_alloc_string_from_chars_region_tlab_instrumented:76)
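The log above reports signal 7 (SIGBUS) with code BUS_ADRALN at fault address 0xa8ed2cbd, raised inside the 32-bit build (lib/arm/libil2cpp.so). The address is odd, so the faulting instruction was a load that required an aligned address and got an unaligned one. The C program below is an added illustration of that failure class; it is not code from Unity, IL2CPP or Google.Protobuf and does not claim to reproduce the exact instruction IL2CPP emitted. It assumes, as a hypothetical, that the misaligned payload is a fixed64 (wire type 1) field, builds a constructed two-field protobuf message whose 8-byte payload starts at offset 3, and contrasts an aligned-assumed pointer cast (the pattern that traps on armeabi-v7a) with a byte-wise little-endian read that is correct at any offset. It also performs the bounds check a deserializer needs before touching the payload.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, not code from Unity, IL2CPP or Google.Protobuf. Shows the
 * failure class behind a SIGBUS/BUS_ADRALN: reading a multi-byte field out of a
 * byte buffer through a pointer cast that promises more alignment than the
 * buffer position has. */

/* Constructed sample message (not taken from the bug report):
 *   field 1, varint  : tag 0x08, value 5
 *   field 2, fixed64 : tag 0x11, payload 88 77 66 55 44 33 22 11 (little-endian)
 * The array is forced to 8-byte alignment so the fixed64 payload at offset 3
 * is deterministically misaligned for both 4- and 8-byte loads. */
static _Alignas(8) const uint8_t sample_msg[] = {
    0x08, 0x05,
    0x11, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11
};

/* 1 when p is a multiple of align (align must be a power of two). */
int is_aligned(const void *p, size_t align) {
    return ((uintptr_t)p & (align - 1)) == 0;
}

/* Non-portable read, shown only for contrast. The cast asserts 8-byte
 * alignment, so on armeabi-v7a the compiler may use LDRD/VLDR, which require a
 * 4-byte-aligned address and otherwise fault with BUS_ADRALN, as in the log
 * above. Undefined behaviour whenever p is misaligned; do not use. */
uint64_t read_fixed64_unsafe(const uint8_t *p) {
    return *(const uint64_t *)p;
}

/* Portable read: assemble the little-endian value byte by byte. Valid at any
 * offset on every ABI; compilers fold it into a single load where that is safe. */
uint64_t read_fixed64_le(const uint8_t *p) {
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}

/* Decode a base-128 varint. Returns bytes consumed, or 0 if the input ends or
 * exceeds 10 bytes before a terminating byte. */
size_t read_varint(const uint8_t *p, size_t len, uint64_t *out) {
    uint64_t v = 0;
    for (size_t i = 0; i < len && i < 10; i++) {
        v |= (uint64_t)(p[i] & 0x7f) << (7 * i);
        if (!(p[i] & 0x80)) { *out = v; return i + 1; }
    }
    return 0;
}

/* Locate the payload of a fixed64 (wire type 1) field with the given number.
 * Returns its byte offset into msg, or -1 if absent, malformed or truncated.
 * Only varint and fixed64 fields are handled; anything else stops the walk. */
long find_fixed64_field(const uint8_t *msg, size_t len, unsigned field) {
    size_t off = 0;
    while (off < len) {
        uint64_t tag, skip;
        size_t n = read_varint(msg + off, len - off, &tag);
        if (n == 0) return -1;
        off += n;
        unsigned wt = (unsigned)(tag & 7);
        if (wt == 0) {                        /* varint: decode to skip it */
            n = read_varint(msg + off, len - off, &skip);
            if (n == 0) return -1;
            off += n;
        } else if (wt == 1) {                 /* fixed64 / double */
            if (len - off < 8) return -1;     /* bounds check before any read */
            if ((unsigned)(tag >> 3) == field) return (long)off;
            off += 8;
        } else {
            return -1;
        }
    }
    return -1;
}

int main(void) {
    long off = find_fixed64_field(sample_msg, sizeof sample_msg, 2);
    if (off < 0) return 1;
    const uint8_t *payload = sample_msg + off;
    printf("field 2 payload at offset %ld, 8-byte aligned: %s\n",
           off, is_aligned(payload, 8) ? "yes" : "no");
    printf("value = 0x%016llx\n", (unsigned long long)read_fixed64_le(payload));
    /* The fault address in the log is not even 4-byte aligned: */
    printf("0xa8ed2cbd %% 8 = %u\n", (unsigned)(0xa8ed2cbdu & 7));
    return 0;
}
```

On x86 and x86-64 the unsafe read silently succeeds, which is consistent with the report's note that the Mac and Windows standalones did not crash; alignment bugs in generated or hand-written native parsing code have to be tested on the target ABI (a 32-bit ARM device or emulator) or with UBSan's -fsanitize=alignment, which flags the misaligned cast even on hosts that tolerate it.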

  1. Resolution Note (fix version 2021.1):

    Fixed in 2021.1.17f1

  2. Resolution Note (fix version 2020.3):

    Fixed in 2020.3.16f1

  3. Resolution Note (fix version 2019.4):

    Fixed in 2019.4.30f1
