orbot icon indicating copy to clipboard operation
orbot copied to clipboard

Published 20 hours ago verified publisher icon guardianproject

SIGSEGV with CN Exit Nodes

Open 532910 opened this issue 3 years ago • 4 comments

With Exit Nodes set to {CN} I often get segfault:

--------- beginning of crash
10-07 08:21:18.098 12915 18142 F libc    : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x20 in tid 18142 (Thread-12), pid 12915 (project.android)
10-07 08:21:18.142 18154 18156 E pdnsd   : tcp accept failed: Invalid argument
10-07 08:21:18.143 18149 18151 E pdnsd   : tcp accept failed: Invalid argument
10-07 08:21:18.180 18160 18160 I crash_dump64: obtaining output fd from tombstoned, type: kDebuggerdTombstone
10-07 08:21:18.181  2546  2546 I /system/bin/tombstoned: received crash request for pid 18142
10-07 08:21:18.182 18160 18160 I crash_dump64: performing dump of process 12915 (target tid = 18142)
10-07 08:21:18.193 18154 18156 E pdnsd   : tcp accept failed: Invalid argument
10-07 08:21:18.195 18149 18151 E pdnsd   : tcp accept failed: Invalid argument
10-07 08:21:18.198 18160 18160 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
10-07 08:21:18.198 18160 18160 F DEBUG   : LineageOS Version: '17.1-20200924-microG-oneplus3'
10-07 08:21:18.198 18160 18160 F DEBUG   : Build fingerprint: 'OnePlus/OnePlus3/OnePlus3T:8.0.0/OPR1.170623.032/02281230:user/release-keys'
10-07 08:21:18.198 18160 18160 F DEBUG   : Revision: '0'
10-07 08:21:18.198 18160 18160 F DEBUG   : ABI: 'arm64'
10-07 08:21:18.199 18160 18160 F DEBUG   : Timestamp: 2020-10-07 08:21:18+0300
10-07 08:21:18.199 18160 18160 F DEBUG   : pid: 12915, tid: 18142, name: Thread-12  >>> org.torproject.android <<<
10-07 08:21:18.199 18160 18160 F DEBUG   : uid: 10255
10-07 08:21:18.199 18160 18160 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x20
10-07 08:21:18.199 18160 18160 F DEBUG   : Cause: null pointer dereference
10-07 08:21:18.199 18160 18160 F DEBUG   :     x0  0000007d28dcc5a0  x1  0000000000000005  x2  0000007d28db2038  x3  00000000000000fa
10-07 08:21:18.199 18160 18160 F DEBUG   :     x4  0000000000000000  x5  0000000000000008  x6  00000000341555ac  x7  0000000005a7d944
10-07 08:21:18.199 18160 18160 F DEBUG   :     x8  449723db4ea761cf  x9  449723db4ea761cf  x10 00000000000003e8  x11 000000000d74d25d
10-07 08:21:18.199 18160 18160 F DEBUG   :     x12 0000000000000345  x13 fff7fff7f07c1800  x14 0000000000000001  x15 000000000000ff00
10-07 08:21:18.199 18160 18160 F DEBUG   :     x16 0000007d28dc9bd8  x17 0000007e14eaa598  x18 0000007d138fc000  x19 0000007d28dcc5a0
10-07 08:21:18.199 18160 18160 F DEBUG   :     x20 0000007d28dcc5b0  x21 0000000000000000  x22 0000007d28dcc5e0  x23 00000000000000fa
10-07 08:21:18.199 18160 18160 F DEBUG   :     x24 0000000000000000  x25 0000007d28db1fe6  x26 0000000000000001  x27 00000000000000fa
10-07 08:21:18.199 18160 18160 F DEBUG   :     x28 0000007d28dcc5c0  x29 0000007d7c369e20
10-07 08:21:18.199 18160 18160 F DEBUG   :     sp  0000007d7c369df0  lr  0000007d28d956b0  pc  0000007d28d9607c
10-07 08:21:18.244 18154 18156 E pdnsd   : tcp accept failed: Invalid argument
10-07 08:21:18.246 18149 18151 E pdnsd   : tcp accept failed: Invalid argument
10-07 08:21:18.295 18154 18156 E pdnsd   : tcp accept failed: Invalid argument
10-07 08:21:18.297 18149 18151 E pdnsd   : tcp accept failed: Invalid argument
10-07 08:21:18.314 18160 18160 F DEBUG   : 
10-07 08:21:18.314 18160 18160 F DEBUG   : backtrace:
10-07 08:21:18.314 18160 18160 F DEBUG   :       #00 pc 000000000000b07c  /data/app/org.torproject.android-MkurgWJ9bF8IjrijWHQYOg==/lib/arm64/libtun2socks.so (BuildId: df76f3da1a502de2f0b6e093715e61656150f650)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #01 pc 000000000000a6ac  /data/app/org.torproject.android-MkurgWJ9bF8IjrijWHQYOg==/lib/arm64/libtun2socks.so (BReactor_Exec+932) (BuildId: df76f3da1a502de2f0b6e093715e61656150f650)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #02 pc 0000000000020510  /data/app/org.torproject.android-MkurgWJ9bF8IjrijWHQYOg==/lib/arm64/libtun2socks.so (Java_org_torproject_android_service_vpn_Tun2Socks_runTun2Socks+3036) (BuildId: df76f3da1a502de2f0b6e093715e61656150f650)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #03 pc 000000000013f350  /apex/com.android.runtime/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #04 pc 00000000001365b8  /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #05 pc 0000000000145084  /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #06 pc 00000000002e343c  /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #07 pc 00000000002df45c  /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<true, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+712) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #08 pc 00000000005a726c  /apex/com.android.runtime/lib64/libart.so (MterpInvokeStaticRange+236) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #09 pc 0000000000130c94  /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static_range+20) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #10 pc 00000000002e23bc  /data/app/org.torproject.android-MkurgWJ9bF8IjrijWHQYOg==/oat/arm64/base.vdex (org.torproject.android.service.vpn.Tun2Socks.Start+68)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #11 pc 00000000005a7498  /apex/com.android.runtime/lib64/libart.so (MterpInvokeStaticRange+792) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #12 pc 0000000000130c94  /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static_range+20) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #13 pc 00000000002e156e  /data/app/org.torproject.android-MkurgWJ9bF8IjrijWHQYOg==/oat/arm64/base.vdex (org.torproject.android.service.vpn.OrbotVpnManager$2.run+486)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #14 pc 00000000002b4380  /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.10283172362094725612+240) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #15 pc 0000000000592cb8  /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+944) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #16 pc 000000000013f468  /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #17 pc 0000000000136334  /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #18 pc 0000000000145064  /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+244) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #19 pc 00000000004b114c  /apex/com.android.runtime/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #20 pc 00000000004b221c  /apex/com.android.runtime/lib64/libart.so (art::InvokeVirtualOrInterfaceWithJValues(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, jvalue const*)+416) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.314 18160 18160 F DEBUG   :       #21 pc 00000000004f2784  /apex/com.android.runtime/lib64/libart.so (art::Thread::CreateCallback(void*)+1172) (BuildId: a0de32d5cd8b6ef7386adb27fa34113b)
10-07 08:21:18.315 18160 18160 F DEBUG   :       #22 pc 00000000000e49b0  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+36) (BuildId: e197188b8993d24c80d269ede338a1d0)
10-07 08:21:18.315 18160 18160 F DEBUG   :       #23 pc 0000000000083f88  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: e197188b8993d24c80d269ede338a1d0)
10-07 08:21:18.346 18154 18156 E pdnsd   : tcp accept failed: Invalid argument
10-07 08:21:18.347 18149 18151 E pdnsd   : tcp accept failed: Invalid argument

532910 avatar Oct 07 '20 05:10 532910

Strange that an exit node would cause a crash in the VPN, when they are running in separate processes. Will investigate.

Otherwise, why would you use CN exit nodes?

n8fr8 avatar Oct 07 '20 12:10 n8fr8

I needed to install an app from huawei store, that says: "not available in your region".

532910 avatar Oct 07 '20 21:10 532910

I'm seeing the very same crash here once in a while and I don't have the exit nodes set to {CN}.

log.txt

pgerber avatar Mar 02 '21 08:03 pgerber

There exist no nodes in CN? Only Hongkong

4-FLOSS-Free-Libre-Open-Source-Software avatar Jul 03 '21 06:07 4-FLOSS-Free-Libre-Open-Source-Software