Search Issue Tracker
Won't Fix
Won't Fix in 2021.3.X
Votes
0
Found in
2021.3.11f1
Issue ID
UUM-602
Regression
No
Crash on ves_icall_RuntimeFieldInfo_GetValueInternal_raw when trying to save a Project search query in the SearchEngine
Reproduction steps:
1. Open the user's attached project
2. Open Window -> Search -> New Window
3. Type anything in the search bar
4. Tap on the save icon right of the search bar and select 'Save Project...'
5. Name it and save it in the Assets folder
Expected result: The asset is saved
Actual result: The asset is saved but the Editor also crashes
Reproducible with: 2021.2.17f1, 2022.2.0a9
Couldn't test with: 2019.4.37f1, 2020.3.32f1 (Downgrading issues)
Stacktrace:
0x00007ffaac502269 (mono-2.0-bdwgc) \[icall-def.h:700] ves_icall_RuntimeFieldInfo_GetValueInternal_raw
0x000002cdceeb0134 (Mono JIT Code) (wrapper managed-to-native) System.Reflection.RuntimeFieldInfo:GetValueInternal (System.Reflection.RuntimeFieldInfo,object)
0x000002cdceeaf8eb (Mono JIT Code) System.Reflection.RuntimeFieldInfo:GetValue (object)
0x000002d0fece86f0 (Mono JIT Code) \[ReflectionUtility.cs:125] Reflection.Helpers.ReflectionHelpers:GetAllFieldPathsRecursiveCall<TFieldType_REF> (object,System.Collections.Generic.List`1<string>,string,System.Collections.Generic.HashSet`1<object>)
Add comment
All about bugs
View bugs we have successfully reproduced, and vote for the bugs you want to see fixed most urgently.
Latest issues
- Shader Graph Node information is briefly displayed in Graph Inspector when clicking on Category in the Blackboard
- Module installation fails with "Download failed: Validation Failed" errors when using beta.2 Hub version
- JsonConvert conversion fails trying to call GetCallbackMethodsForType when [OnDeserialized] is used in a class
- Shader Graph Category dropdown cannot be expanded/collapsed when clicking on the text
- Different text alignment in the column header in Entities "System" window
Resolution Note:
Crash is caused by customer project passing in a bad Pointer into a Reflection API. When mono attempts to resolve the _ptr field containing the bad pointer value it accesses invalid memory triggering a crash. Unfortunately introducing a check for a valid pointer will have severe performance issues and we will have to trust that users ensure they are passing in valid data to Reflection APIs.
Resolution Note (2021.3.X):
Crash is caused by customer project passing in a bad Pointer into a Reflection API. When mono attempts to resolve the _ptr field containing the bad pointer value it accesses invalid memory triggering a crash. Unfortunately introducing a check for a valid pointer will have severe performance issues and we will have to trust that users ensure they are passing in valid data to Reflection APIs.