search

dotnet / runtime

.NET is a cross-platform runtime for cloud, mobile, desktop, and IoT apps.
https://docs.microsoft.com/dotnet/core/
MIT License
15.41k stars 4.76k forks source link

[mono] android crash #109443

Open srxqds opened 2 weeks ago

srxqds commented 2 weeks ago

Description

we use spanjson library, it hit crash in production app

Reproduction Steps

we can't reproduct it in our development, only occur in release app.

Expected behavior

not crash

Actual behavior

crash

Regression?

no, we use .net8.0

Known Workarounds

we don't know what reason lead to it.

Configuration

No response

Other information

the c# call stacktrace:

=================================================================
    Managed Stacktrace:
=================================================================
      at <unknown> <0xffffffff>
      at System.Array:InternalCreate in System.Private.CoreLib.dll:token 0x0+0xffffffff
      at System.Array:InternalCreate in System.Private.CoreLib.dll:token 0x6000167+0x12
      at System.Array:CreateInstance in System.Private.CoreLib.dll:token 0x6000194+0x38
      at System.Reflection.CustomAttribute:GetCustomAttributes in System.Private.CoreLib.dll:token 0x60063fa+0x25b
      at System.Attribute:GetAttr in System.Private.CoreLib.dll:token 0x6000217+0x67
      at System.Attribute:GetCustomAttribute in System.Private.CoreLib.dll:token 0x600021a+0x3
      at System.Reflection.CustomAttributeExtensions:GetCustomAttribute in System.Private.CoreLib.dll:token 0x600671f+0x2
      at System.Reflection.CustomAttributeExtensions:GetCustomAttribute in System.Private.CoreLib.dll:token 0x6006723+0xb
      at SpanJson.Helpers.RecursionCandidate`1:CheckForRecursiveType in SpanJson.dll:token 0x6000205+0x78
      at SpanJson.Helpers.RecursionCandidate`1:.cctor in SpanJson.dll:token 0x6000207+0x11
      at System.Object:runtime_invoke_void in System.Private.CoreLib.dll:token 0x0+0x31
      at <unknown> <0xffffffff>
      at <unknown> <0xffffffff>
      at System.Reflection.RuntimeFieldInfo:GetValueInternal in System.Private.CoreLib.dll:token 0x0+0xffffffff
      at System.Reflection.RuntimeFieldInfo:GetValue in System.Private.CoreLib.dll:token 0x600656d+0x60
      at SpanJson.Resolvers.ResolverBase:GetDefaultOrCreate in SpanJson.dll:token 0x60001a7+0x15
      at SpanJson.Resolvers.ResolverBase`2:BuildFormatter in SpanJson.dll:token 0x60001b7+0x3fe
      at SpanJson.Resolvers.ResolverBase`2:<GetFormatter>b__3_0 in SpanJson.dll:token 0x60001c0+0x2
      at System.Collections.Concurrent.ConcurrentDictionary`2:GetOrAdd in System.Collections.Concurrent.dll:token 0x60000c9+0x4a
      at SpanJson.Resolvers.ResolverBase`2:GetFormatter in SpanJson.dll:token 0x60001ab+0x12
      at SpanJson.Resolvers.ResolverBase`2:GetFormatter in SpanJson.dll:token 0x60001af+0xb
      at SpanJson.Generators.CodeGeneratorResolvers`3:.cctor in SpanJson.dll:token 0x6000218+0xe
      at System.Object:runtime_invoke_void in System.Private.CoreLib.dll:token 0x0+0x31
      at <unknown> <0xffffffff>
      at <unknown> <0xffffffff>
      at UnrealEngine_Game_AcademyAdversariaRecordDateInfoCustomUtf8Formatter:Serialize in UnrealEngine.Game.dll:token 0x60008c8+0x32
      at Inner`3:InnerSerializeToByteArray in SpanJson.dll:token 0x6000731+0x14
      at System.Object:lambda_method712 in System.Private.CoreLib.dll:token 0x0+0x5
      at Inner`2:InnerSerializeToByteArray in SpanJson.dll:token 0x600075a+0x3a
      at Utf8:Serialize in SpanJson.dll:token 0x600077f+0x1
      at Utf8:Serialize in SpanJson.dll:token 0x6000777+0x1
      at UnrealEngine.Game.SerializeUtil:EncodeJson in UnrealEngine.Game.dll:token 0x6004af0+0x6
      at UnrealEngine.Game.Scene.AcademySceneMiscLoader:BeginLoad in UnrealEngine.Game.dll:token 0x6013490+0x280
      at UnrealEngine.Game.Scene.AcademyScene:Load in UnrealEngine.Game.dll:token 0x6013441+0x53
      at UnrealEngine.Game.Scene.AcademyScene:OnEnterWorld in UnrealEngine.Game.dll:token 0x601343c+0xa2
      at UnrealEngine.Game.Scene.BaseScene:Init in UnrealEngine.Game.dll:token 0x6014024+0x2
      at UnrealEngine.Game.Scene.SceneManager:InitScene in UnrealEngine.Game.dll:token 0x6014f7a+0x86
      at UnrealEngine.Game.Scene.SceneSwitcher:InitScene in UnrealEngine.Game.dll:token 0x6014ed1+0xed
      at UnrealEngine.Game.Scene.SceneSwitcher:InitScene in UnrealEngine.Game.dll:token 0x6014ed2+0x13
      at UnrealEngine.Game.WorldMap.SceneTransform_LoadAcademyMap:Init in UnrealEngine.Game.dll:token 0x6011b3f+0x23
      at UnrealEngine.Game.WorldMap.SceneTransform_LoadAcademyMap:OnBeginPlay in UnrealEngine.Game.dll:token 0x6011b3e+0x1
      at UnrealEngine.Game.Event.EventController:TriggerEvent in UnrealEngine.Game.dll:token 0x6012612+0x69
      at UnrealEngine.Game.Event.EventDispatcher:TriggerEvent in UnrealEngine.Game.dll:token 0x601263d+0x6
      at UnrealEngine.Game.CustomGameMode:ReceiveBeginPlay in UnrealEngine.Game.dll:token 0x6003cb2+0x2f
      at System.Object:runtime_invoke_void__this__ in System.Private.CoreLib.dll:token 0x0+0x32
=================================================================

the native stacktrace:

Crash reason:  SIGSEGV /SEGV_MAPERR
Crash address: 0x9fc90fbd98ae3e
Process uptime: not available

Thread 27 (crashed)
 0  libmonosgen-2.0.so!mono_class_init_internal [class-init.c : 3014 + 0x8]
     x0 = 0xbd9fc90fbd98ae1e    x1 = 0xb400006eed9027e0
     x2 = 0x0000000000000010    x3 = 0x0000006fa4f53448
     x4 = 0x0000006eed9027f0    x5 = 0x0000006f8ba75f90
     x6 = 0x00008020300d0331    x7 = 0x606b625e6bff6e65
     x8 = 0x00000000000000bd    x9 = 0x0000000000000001
    x10 = 0x0000006fa4f5c040   x11 = 0x0000006fb6917dec
    x12 = 0x0000000080000000   x13 = 0x0000000000000228
    x14 = 0xffffffffb400006f   x15 = 0xb400006f7977b5a0
    x16 = 0x0000006f8bb5f8b8   x17 = 0x00000070fc75798c
    x18 = 0x0000006f0987060f   x19 = 0xb400006f79292a28
    x20 = 0xb400006f79292ae0   x21 = 0x0000006fa4f52ba0
    x22 = 0x0000006f8bb68000   x23 = 0xb400006f79292a28
    x24 = 0xb400006ef692cae0   x25 = 0x0000006fa4f5c000
    x26 = 0x0000000000000000   x27 = 0x0000006f8b8c7628
    x28 = 0x0000006f8bb68ef4    fp = 0x0000006fa4f52af0
     lr = 0x0000006f8ba631c8    sp = 0x0000006fa4f52ac0
     pc = 0x0000006f8ba632d8
    Found by: given as instruction pointer in context
 1  libmonosgen-2.0.so!mono_class_init_internal [class-init.c : 2978 + 0x4]
     fp = 0x0000006fa4f52b50    lr = 0x0000006f8bac0608
     sp = 0x0000006fa4f52b00    pc = 0x0000006f8ba631c8
    Found by: previous frame's frame pointer
 2  libmonosgen-2.0.so!mono_array_new_full_checked [object.c : 5907 + 0x4]
     fp = 0x0000006fa4f534a0    lr = 0x0000006f8ba7615c
     sp = 0x0000006fa4f52b60    pc = 0x0000006f8bac0608
    Found by: previous frame's frame pointer
 3  libmonosgen-2.0.so!ves_icall_System_Array_InternalCreate [icall.c : 777 + 0x4]
     fp = 0x0000006fa4f534f0    lr = 0x00000070d5151e48
     sp = 0x0000006fa4f534b0    pc = 0x0000006f8ba7615c
    Found by: previous frame's frame pointer
 4  0x70d5151e44
     fp = 0x0000006fa4f535a0    lr = 0x00000070d5151d08
     sp = 0x0000006fa4f53500    pc = 0x00000070d5151e48
    Found by: previous frame's frame pointer
 5  0x70d5151d04
     fp = 0x0000006fa4f535e0    lr = 0x00000070d5151ba0
     sp = 0x0000006fa4f535b0    pc = 0x00000070d5151d08
    Found by: previous frame's frame pointer
 6  0x70d5151b9c
     fp = 0x0000006fa4f53620    lr = 0x00000070d514fa6c
     sp = 0x0000006fa4f535f0    pc = 0x00000070d5151ba0
    Found by: previous frame's frame pointer
 7  0x70d514fa68
     fp = 0x0000006fa4f53760    lr = 0x00000070d2948544
     sp = 0x0000006fa4f53630    pc = 0x00000070d514fa6c
    Found by: previous frame's frame pointer
 8  0x70d2948540
     fp = 0x0000006fa4f537c0    lr = 0x00000070d29483f0
     sp = 0x0000006fa4f53770    pc = 0x00000070d2948544
    Found by: previous frame's frame pointer
 9  0x70d29483ec
     fp = 0x0000006fa4f537e0    lr = 0x00000070d294834c
     sp = 0x0000006fa4f537d0    pc = 0x00000070d29483f0
    Found by: previous frame's frame pointer
10  0x70d2948348
     fp = 0x0000006fa4f53800    lr = 0x00000070d2948278
     sp = 0x0000006fa4f537f0    pc = 0x00000070d294834c
    Found by: previous frame's frame pointer
11  0x70d2948274
     fp = 0x0000006fa4f53820    lr = 0x0000006fbbf41958
     sp = 0x0000006fa4f53810    pc = 0x00000070d2948278
    Found by: previous frame's frame pointer
12  0x6fbbf41954
     fp = 0x0000006fa4f538f0    lr = 0x0000006fbbf41638
     sp = 0x0000006fa4f53830    pc = 0x0000006fbbf41958
    Found by: previous frame's frame pointer
13  0x6fbbf41634
     fp = 0x0000006fa4f53900    lr = 0x0000007032e82600
     sp = 0x0000006fa4f53900    pc = 0x0000006fbbf41638
    Found by: previous frame's frame pointer
14  0x7032e825fc
     fp = 0x0000006fa4f539c0    lr = 0x0000006f8b91d50c
     sp = 0x0000006fa4f53910    pc = 0x0000007032e82600
    Found by: previous frame's frame pointer
15  libmonosgen-2.0.so!mono_jit_runtime_invoke [mini-runtime.c : 3681 + 0x8]
     fp = 0x0000006fa4f53a20    lr = 0x0000006f8bab7c68
     sp = 0x0000006fa4f539d0    pc = 0x0000006f8b91d50c
    Found by: previous frame's frame pointer
16  libmonosgen-2.0.so!mono_runtime_try_invoke [object.c : 2738 + 0x18]
     fp = 0x0000006fa4f53ac0    lr = 0x0000006f8bab7220
     sp = 0x0000006fa4f53a30    pc = 0x0000006f8bab7c68
    Found by: previous frame's frame pointer
17  libmonosgen-2.0.so!mono_runtime_class_init_full [object.c : 556 + 0x10]
     fp = 0x0000006fa4f53ee0    lr = 0x0000006f8b93d328
     sp = 0x0000006fa4f53ad0    pc = 0x0000006f8bab7220
    Found by: previous frame's frame pointer
18  libmonosgen-2.0.so!mono_method_to_ir [method-to-ir.c : 10244 + 0x8]
     fp = 0x0000006fa4f54050    lr = 0x0000006f8b9120ac
     sp = 0x0000006fa4f53ef0    pc = 0x0000006f8b93d328
    Found by: previous frame's frame pointer
19  libmonosgen-2.0.so!mini_method_compile [mini.c : 3498 + 0x1c]
     fp = 0x0000006fa4f540b0    lr = 0x0000006f8b9146e8
     sp = 0x0000006fa4f54060    pc = 0x0000006f8b9120ac
    Found by: previous frame's frame pointer
20  libmonosgen-2.0.so!mono_jit_compile_method_inner [mini.c : 4132 + 0x18]
     fp = 0x0000006fa4f54550    lr = 0x0000006f8b9193b4
     sp = 0x0000006fa4f540c0    pc = 0x0000006f8b9146e8
    Found by: previous frame's frame pointer
21  libmonosgen-2.0.so!jit_compile_method_with_opt [mini-runtime.c : 2884 + 0x8]
     fp = 0x0000006fa4f54600    lr = 0x0000006f8b91cfac
     sp = 0x0000006fa4f54560    pc = 0x0000006f8b9193b4
    Found by: previous frame's frame pointer
22  libmonosgen-2.0.so!mono_jit_runtime_invoke [mini-runtime.c : 3514 + 0x0]
     fp = 0x0000006fa4f54660    lr = 0x0000006f8bab7c68
     sp = 0x0000006fa4f54610    pc = 0x0000006f8b91cfac
    Found by: previous frame's frame pointer
23  libmonosgen-2.0.so!mono_runtime_try_invoke [object.c : 2738 + 0x18]
     fp = 0x0000006fa4f54700    lr = 0x0000006f8bab7220
     sp = 0x0000006fa4f54670    pc = 0x0000006f8bab7c68
    Found by: previous frame's frame pointer
24  libmonosgen-2.0.so!mono_runtime_class_init_full [object.c : 556 + 0x10]
     fp = 0x0000006fa4f547e0    lr = 0x0000006f8babbb94
     sp = 0x0000006fa4f54710    pc = 0x0000006f8bab7220
    Found by: previous frame's frame pointer
25  libmonosgen-2.0.so!mono_field_get_value_object_checked [object.c : 3298 + 0x8]
     fp = 0x0000006fa4f54890    lr = 0x0000006f8ba850b8
     sp = 0x0000006fa4f547f0    pc = 0x0000006f8babbb94
    Found by: previous frame's frame pointer
26  libmonosgen-2.0.so!ves_icall_RuntimeFieldInfo_GetValueInternal_raw [icall-def.h : 388 + 0x4]
     fp = 0x0000006fa4f548d0    lr = 0x0000007045780c58
     sp = 0x0000006fa4f548a0    pc = 0x0000006f8ba850b8
    Found by: previous frame's frame pointer
27  libtombstoned_client.so + 0x1ac54
     fp = 0x0000006fa4f54970    lr = 0x0000007045780650
     sp = 0x0000006fa4f548e0    pc = 0x0000007045780c58
    Found by: previous frame's frame pointer
28  libtombstoned_client.so + 0x1a64c
     fp = 0x0000006fa4f549b0    lr = 0x00000070ccb0f6d8
     sp = 0x0000006fa4f54980    pc = 0x0000007045780650
    Found by: previous frame's frame pointer
29  0x70ccb0f6d4
     fp = 0x0000006fa4f549d0    lr = 0x000000701f171b28
     sp = 0x0000006fa4f549c0    pc = 0x00000070ccb0f6d8
    Found by: previous frame's frame pointer
30  0x701f171b24
     fp = 0x0000006fa4f54ad0    lr = 0x000000701f170098
     sp = 0x0000006fa4f549e0    pc = 0x000000701f171b28
    Found by: previous frame's frame pointer
31  0x701f170094
     fp = 0x0000006fa4f54af0    lr = 0x00000070cca974fc
     sp = 0x0000006fa4f54ae0    pc = 0x000000701f170098
    Found by: previous frame's frame pointer
32  0x70cca974f8
     fp = 0x0000006fa4f54b70    lr = 0x000000701f16ff70
     sp = 0x0000006fa4f54b00    pc = 0x00000070cca974fc
    Found by: previous frame's frame pointer
33  0x701f16ff6c
     fp = 0x0000006fa4f54ba0    lr = 0x0000006fbbfc4794
     sp = 0x0000006fa4f54b80    pc = 0x000000701f16ff70
    Found by: previous frame's frame pointer
34  0x6fbbfc4790
     fp = 0x0000006fa4f54bc0    lr = 0x0000006fbbfc46f0
     sp = 0x0000006fa4f54bb0    pc = 0x0000006fbbfc4794
    Found by: previous frame's frame pointer
35  0x6fbbfc46ec
     fp = 0x0000006fa4f54be0    lr = 0x00000070cca95070
     sp = 0x0000006fa4f54bd0    pc = 0x0000006fbbfc46f0
    Found by: previous frame's frame pointer
36  0x70cca9506c
     fp = 0x0000006fa4f54ca0    lr = 0x0000006f8b91d50c
     sp = 0x0000006fa4f54bf0    pc = 0x00000070cca95070
    Found by: previous frame's frame pointer
37  libmonosgen-2.0.so!mono_jit_runtime_invoke [mini-runtime.c : 3681 + 0x8]
     fp = 0x0000006fa4f54d00    lr = 0x0000006f8bab7c68
     sp = 0x0000006fa4f54cb0    pc = 0x0000006f8b91d50c
    Found by: previous frame's frame pointer
38  libmonosgen-2.0.so!mono_runtime_try_invoke [object.c : 2738 + 0x18]
     fp = 0x0000006fa4f54da0    lr = 0x0000006f8bab7220
     sp = 0x0000006fa4f54d10    pc = 0x0000006f8bab7c68
    Found by: previous frame's frame pointer
39  libmonosgen-2.0.so!mono_runtime_class_init_full [object.c : 556 + 0x10]
     fp = 0x0000006fa4f551c0    lr = 0x0000006f8b93d328
     sp = 0x0000006fa4f54db0    pc = 0x0000006f8bab7220
    Found by: previous frame's frame pointer
40  libmonosgen-2.0.so!mono_method_to_ir [method-to-ir.c : 10244 + 0x8]
     fp = 0x0000006fa4f55330    lr = 0x0000006f8b9120ac
     sp = 0x0000006fa4f551d0    pc = 0x0000006f8b93d328
    Found by: previous frame's frame pointer
41  libmonosgen-2.0.so!mini_method_compile [mini.c : 3498 + 0x1c]
     fp = 0x0000006fa4f55390    lr = 0x0000006f8b9146e8
     sp = 0x0000006fa4f55340    pc = 0x0000006f8b9120ac
    Found by: previous frame's frame pointer
42  libmonosgen-2.0.so!mono_jit_compile_method_inner [mini.c : 4132 + 0x18]
     fp = 0x0000006fa4f55830    lr = 0x0000006f8b9193b4
     sp = 0x0000006fa4f553a0    pc = 0x0000006f8b9146e8
    Found by: previous frame's frame pointer
43  libmonosgen-2.0.so!jit_compile_method_with_opt [mini-runtime.c : 2884 + 0x8]
     fp = 0x0000006fa4f558b0    lr = 0x0000006f8b918820
     sp = 0x0000006fa4f55840    pc = 0x0000006f8b9193b4
    Found by: previous frame's frame pointer
44  libmonosgen-2.0.so!mono_jit_compile_method [mini-runtime.c : 2903 + 0x0]
     fp = 0x0000006fa4f55910    lr = 0x0000006f8b9a99f0
     sp = 0x0000006fa4f558c0    pc = 0x0000006f8b918820
    Found by: previous frame's frame pointer
45  libmonosgen-2.0.so!common_call_trampoline [mini-trampolines.c : 628 + 0x8]
     fp = 0x0000006fa4f559d0    lr = 0x0000006f8b9a9554
     sp = 0x0000006fa4f55920    pc = 0x0000006f8b9a99f0
    Found by: previous frame's frame pointer
46  libmonosgen-2.0.so!mono_magic_trampoline [mini-trampolines.c : 769 + 0x0]
     fp = 0x0000006fa4f55a00    lr = 0x00000070d5641304
     sp = 0x0000006fa4f559e0    pc = 0x0000006f8b9a9554
    Found by: previous frame's frame pointer
47  0x70d5641300
     fp = 0x0000006fa4f55c20    lr = 0x0000006fbbf41520
     sp = 0x0000006fa4f55a10    pc = 0x00000070d5641304
    Found by: previous frame's frame pointer
48  0x6fbbf4151c
     fp = 0x0000006fa4f55c50    lr = 0x0000006fbbfc44e8
     sp = 0x0000006fa4f55c30    pc = 0x0000006fbbf41520
    Found by: previous frame's frame pointer
49  0x6fbbfc44e4
     fp = 0x0000006fa4f55df0    lr = 0x0000006fb64f816c
     sp = 0x0000006fa4f55c60    pc = 0x0000006fbbfc44e8
    Found by: previous frame's frame pointer
50  0x6fb64f8168
     fp = 0x0000006fa4f55e10    lr = 0x000000702a1e9db0
     sp = 0x0000006fa4f55e00    pc = 0x0000006fb64f816c
    Found by: previous frame's frame pointer
51  0x702a1e9dac
     fp = 0x0000006fa4f55e60    lr = 0x000000702a1e9b64
     sp = 0x0000006fa4f55e20    pc = 0x000000702a1e9db0
    Found by: previous frame's frame pointer
52  0x702a1e9b60
     fp = 0x0000006fa4f55e80    lr = 0x000000702a1d4adc
     sp = 0x0000006fa4f55e70    pc = 0x000000702a1e9b64
    Found by: previous frame's frame pointer
53  0x702a1d4ad8
     fp = 0x0000006fa4f55ea0    lr = 0x000000702a1d4a2c
     sp = 0x0000006fa4f55e90    pc = 0x000000702a1d4adc
    Found by: previous frame's frame pointer
54  0x702a1d4a28
     fp = 0x0000006fa4f55ed0    lr = 0x0000006fb6301484
     sp = 0x0000006fa4f55eb0    pc = 0x000000702a1d4a2c
    Found by: previous frame's frame pointer
55  0x6fb6301480
     fp = 0x0000006fa4f560a0    lr = 0x0000006fbbfda28c
     sp = 0x0000006fa4f55ee0    pc = 0x0000006fb6301484
    Found by: previous frame's frame pointer
56  0x6fbbfda288
     fp = 0x0000006fa4f56190    lr = 0x0000006f44d11bb4
     sp = 0x0000006fa4f560b0    pc = 0x0000006fbbfda28c
    Found by: previous frame's frame pointer
57  0x6f44d11bb0
     fp = 0x0000006fa4f561e0    lr = 0x0000006f742ab440
     sp = 0x0000006fa4f561a0    pc = 0x0000006f44d11bb4
    Found by: previous frame's frame pointer
58  0x6f742ab43c
     fp = 0x0000006fa4f56200    lr = 0x0000006f4e85d33c
     sp = 0x0000006fa4f561f0    pc = 0x0000006f742ab440
    Found by: previous frame's frame pointer
59  0x6f4e85d338
     fp = 0x0000006fa4f56280    lr = 0x0000006f4e85c9fc
     sp = 0x0000006fa4f56210    pc = 0x0000006f4e85d33c
    Found by: previous frame's frame pointer
60  0x6f4e85c9f8
     fp = 0x0000006fa4f562e0    lr = 0x0000006f4e85c648
     sp = 0x0000006fa4f56290    pc = 0x0000006f4e85c9fc
    Found by: previous frame's frame pointer
61  0x6f4e85c644
     fp = 0x0000006fa4f56300    lr = 0x0000006f44d11388
     sp = 0x0000006fa4f562f0    pc = 0x0000006f4e85c648
    Found by: previous frame's frame pointer
62  0x6f44d11384
     fp = 0x0000006fa4f56320    lr = 0x0000006f44d112b8
     sp = 0x0000006fa4f56310    pc = 0x0000006f44d11388
    Found by: previous frame's frame pointer
63  0x6f44d112b4
     fp = 0x0000006fa4f56340    lr = 0x0000007038434b50
     sp = 0x0000006fa4f56330    pc = 0x0000006f44d112b8
    Found by: previous frame's frame pointer
64  0x7038434b4c
     fp = 0x0000006fa4f563d0    lr = 0x000000703843496c
     sp = 0x0000006fa4f56350    pc = 0x0000007038434b50
    Found by: previous frame's frame pointer
65  0x7038434968
     fp = 0x0000006fa4f563f0    lr = 0x00000070384347dc
     sp = 0x0000006fa4f563e0    pc = 0x000000703843496c
    Found by: previous frame's frame pointer
66  0x70384347d8
     fp = 0x0000006fa4f56440    lr = 0x00000070ccb0b0a0
     sp = 0x0000006fa4f56400    pc = 0x00000070384347dc
    Found by: previous frame's frame pointer
67  0x70ccb0b09c
     fp = 0x0000006fa4f56500    lr = 0x0000006f8b91d50c
     sp = 0x0000006fa4f56450    pc = 0x00000070ccb0b0a0
    Found by: previous frame's frame pointer
68  libmonosgen-2.0.so!mono_jit_runtime_invoke [mini-runtime.c : 3681 + 0x8]
     fp = 0x0000006fa4f56560    lr = 0x0000006f8bab7c68
     sp = 0x0000006fa4f56510    pc = 0x0000006f8b91d50c
    Found by: previous frame's frame pointer
69  libmonosgen-2.0.so!mono_runtime_try_invoke [object.c : 2738 + 0x18]
     fp = 0x0000006fa4f56640    lr = 0x0000006f8baba8c4
     sp = 0x0000006fa4f56570    pc = 0x0000006f8bab7c68
    Found by: previous frame's frame pointer
70  libmonosgen-2.0.so!mono_runtime_invoke [object.c : 2664 + 0xc]
srxqds commented 2 weeks ago

it is because the RuntimeType has been gc moved in InternalCreate method: https://github.com/dotnet/runtime/blob/598d5f729a0d114a5909487e618eb842c6b45d58/src/mono/System.Private.CoreLib/src/System/Array.Mono.cs#L281-L287

dotnet-policy-service[bot] commented 2 weeks ago

Tagging subscribers to 'arch-android': @vitek-karas, @simonrozsival, @steveisok, @akoeplinger See info in area-owners.md if you want to be subscribed.

srxqds commented 2 weeks ago

Hope the official developers can help check the possible causes and how to fix it. This has a great impact on our products.

srxqds commented 2 weeks ago

hi, @BrzVlad maybe gc collect bug cause this problem? can help take time to review the stacktrace?