orbot icon indicating copy to clipboard operation
orbot copied to clipboard

Published 20 hours ago verified publisher icon guardianproject

[BUG] Rare crash of orbot when switching off

Open robovoice1 opened this issue 10 months ago • 2 comments

Describe the Bug A clear and concise description of what the bug is.

When switching orbot off the app crashes in rare cases (happened two times since the last update)

To Reproduce Steps to reproduce the behavior: This crash cannot be reproduced regularly

Expected Behavior A clear and concise description of what you expected to happen.

No crashes at all when switching off

What Custom Configuration Do You Use? If applicable, how did you set up Orbot? Did you configure some settings? Always on vpn - on Block connections without vpn - on

Smartphone (please complete the following information):

  • Device: [e.g. Pixel 8] Google Pixel 6 pro
  • OS: [e.g. Android 14] Android15 GrapheneOS 2025012600
  • orbot Version: [e.g. v17.1 RC 2] version 17.4.1-BETA-2-tor-0.4.8.13

Crash Logs (Advanced) If applicable, add crash logs collected using ADB Logcat.

type: crash
osVersion: google/raven/raven:15/AP4A.250105.002/2025012600:user/release-keys
package: org.torproject.android:1741200202, targetSdk 34
process: org.torproject.android
installer: de.marmaro.krt.ffupdater

signal 6 (SIGABRT), code -1 (SI_QUEUE), fault addr --------

backtrace:
      #00 pc 00000000000638fc  /apex/com.android.runtime/lib64/bionic/libc.so (abort+156) (BuildId: 20ea26774a02b54fd99034474776c199)
      #01 pc 000000000048091c  /data/app/~~JqdIXweSq4DTN2O8N4uaHg==/org.torproject.android-DC59W35cdXyfNT6pIEkKYw==/base.apk (offset 0x16b0000) (tor_raw_abort_+12)
      #02 pc 000000000048cda0  /data/app/~~JqdIXweSq4DTN2O8N4uaHg==/org.torproject.android-DC59W35cdXyfNT6pIEkKYw==/base.apk (offset 0x16b0000) (tor_abort_+12)
      #03 pc 00000000003f3d34  /data/app/~~JqdIXweSq4DTN2O8N4uaHg==/org.torproject.android-DC59W35cdXyfNT6pIEkKYw==/base.apk (offset 0x16b0000) (hs_circuitmap_init+140)
      #04 pc 00000000003a098c  /data/app/~~JqdIXweSq4DTN2O8N4uaHg==/org.torproject.android-DC59W35cdXyfNT6pIEkKYw==/base.apk (offset 0x16b0000) (hs_init+28)
      #05 pc 0000000000308914  /data/app/~~JqdIXweSq4DTN2O8N4uaHg==/org.torproject.android-DC59W35cdXyfNT6pIEkKYw==/base.apk (offset 0x16b0000) (tor_init+128)
      #06 pc 000000000030916c  /data/app/~~JqdIXweSq4DTN2O8N4uaHg==/org.torproject.android-DC59W35cdXyfNT6pIEkKYw==/base.apk (offset 0x16b0000) (tor_run_main+160)
      #07 pc 0000000000307a5c  /data/app/~~JqdIXweSq4DTN2O8N4uaHg==/org.torproject.android-DC59W35cdXyfNT6pIEkKYw==/base.apk (offset 0x16b0000) (Java_org_torproject_jni_TorService_runMain+36)
      #08 pc 000000000009cab0  /system/framework/arm64/boot.oat (art_jni_trampoline+112) (BuildId: 63cc7157a4d26b751c667cee9c0ce0dfb5318bda)
      #09 pc 000000000136823c  /data/app/~~JqdIXweSq4DTN2O8N4uaHg==/org.torproject.android-DC59W35cdXyfNT6pIEkKYw==/oat/arm64/base.odex (org.torproject.jni.TorService$3.run+2092)
      #10 pc 000000000040c594  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612) (BuildId: 846f9579cf68883954a0467e63982358)
      #11 pc 0000000000244ea4  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+132) (BuildId: 846f9579cf68883954a0467e63982358)
      #12 pc 00000000004cf794  /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1092) (BuildId: 846f9579cf68883954a0467e63982358)
      #13 pc 00000000004cf338  /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallbackWithUffdGc(void*)+8) (BuildId: 846f9579cf68883954a0467e63982358)
      #14 pc 0000000000075d34  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+132) (BuildId: 20ea26774a02b54fd99034474776c199)
      #15 pc 0000000000066890  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: 20ea26774a02b54fd99034474776c199)

robovoice1 avatar Jan 27 '25 21:01 robovoice1

I had the same crash. This fixed it for me. https://github.com/guardianproject/tor-android/issues/154

syphyr avatar Jan 28 '25 01:01 syphyr

Today i had a hardened malloc crash of orbot android. Hardened Memory Allocator was enabed, Native code debugging was blocked in GrapheneOS.

Image

type: crash
package: org.torproject.android:1741200202, targetSdk 34
osVersion: google/raven/raven:15/AP4A.250105.002/2025012700:user/release-keys
uid: 10131 (u:r:untrusted_app:s0:c131,c256,c512,c768)
cmdline: org.torproject.android
processUptime: 14834s

abortMessage: hardened_malloc: fatal allocator error: double free (quarantine)

signal: 6 (SIGABRT), code -1 (SI_QUEUE)
threadName: pool-2-thread-5

backtrace:
    /apex/com.android.runtime/lib64/bionic/libc.so (abort+156, pc 638fc)
    /apex/com.android.runtime/lib64/bionic/libc.so (fatal_error+44, pc 4da04)
    /apex/com.android.runtime/lib64/bionic/libc.so (deallocate_small+1272, pc 4b2d8)
    /data/app/~~JqdIXweSq4DTN2O8N4uaHg==/org.torproject.android-DC59W35cdXyfNT6pIEkKYw==/base.apk (tcp_abandon+352, pc a6e808)
    /data/app/~~JqdIXweSq4DTN2O8N4uaHg==/org.torproject.android-DC59W35cdXyfNT6pIEkKYw==/base.apk (pc 3c1368)

Also tried today switching on/off orbot about 10 times in a short time - no crash

Switching off orbot and back on, and while reconnecting tapping on abort gives an app crash (about every 5th time) i tried.

It also appears to me when i have very low internet LTE connectivity i get those crashes.

Hope this info is useful 😃

robovoice1 avatar Jan 29 '25 22:01 robovoice1