Opened 12 days ago

Closed 8 days ago

Last modified 6 days ago

#31616 closed defect (fixed)

Tor Browser on Android based on 60.9.0 is crashing on every launch

Reported by: gk Owned by: tbb-team
Priority: Very High Milestone:
Component: Applications/Tor Browser Version:
Severity: Major Keywords: tbb-mobile, tbb-crash, TorBrowserTeam201909R
Cc: sysrqb, sisbell, Sendpuzzles, EdmondDantes, Morand Actual Points:
Parent ID: Points: 2
Reviewer: Sponsor:

Description

It might be related to the issue tackled in #31140 or just another issue that the previous one hid. At any rate users are reporting app crashes on every launch even though the fix for #31140 shipped.

Child Tickets

Attachments (1)

error_31616_85_2.jpg (40.1 KB) - added by NewEraCracker 8 days ago.
Screnshot of initial javascript error with 31616_85_2.apk

Download all attachments as: .zip

Change History (49)

comment:1 Changed 12 days ago by sisbell

I can confirm crash on Android 10, Pixel 3. Looks like some problem with libxul.


09-03 23:51:12.698 2238 2238 E ject.torbrowse: Failed to find parent 0x7f0b0026 of bag 0x7f0b0018.
09-03 23:51:12.699 876 1180 I CHRE : @ 35912.078: [ImuCal] [NanoSensorCal:GYRO_RPS] Offset | Temperature [C]: -0.005801, -0.001343, -0.002674 | 32.50
09-03 23:51:12.700 876 1180 I CHRE : @ 35912.078: [ImuCal] [NanoSensorCal:GYRO_RPS] Temp Sensitivity: -0.000087, 0.000137, -0.000009
09-03 23:51:12.700 876 1180 I CHRE : @ 35912.078: [ImuCal] [NanoSensorCal:GYRO_RPS] Temp Intercept: -0.002911, -0.005683, -0.002335
09-03 23:51:12.723 853 1254 D platform_realtek: platform_enable_dsp: Disable
09-03 23:51:12.724 853 1254 I sound_trigger_hw: callback_thread_loop: Enter Suspend
09-03 23:51:12.748 2238 2238 D GeckoBrowserApp: Switchboard disabled - in automation
09-03 23:51:12.748 2238 2238 D GeckoTelemetryUploadSer: Telemetry upload disabled (env var?
09-03 23:51:12.751 2238 2309 E GeckoApp: An error occurred during restore, switching to backup file
09-03 23:51:12.751 2238 2309 E GeckoApp: org.mozilla.gecko.GeckoApp$SessionRestoreException: Could not read from session file
09-03 23:51:12.751 2238 2309 E GeckoApp: at org.mozilla.gecko.GeckoApp.restoreSessionTabs(GeckoApp.java:1637)
09-03 23:51:12.751 2238 2309 E GeckoApp: at org.mozilla.gecko.GeckoApp.access$200(GeckoApp.java:112)
09-03 23:51:12.751 2238 2309 E GeckoApp: at org.mozilla.gecko.GeckoApp$9.run(GeckoApp.java:1180)
09-03 23:51:12.751 2238 2309 E GeckoApp: at android.os.Handler.handleCallback(Handler.java:883)
09-03 23:51:12.751 2238 2309 E GeckoApp: at android.os.Handler.dispatchMessage(Handler.java:100)
09-03 23:51:12.751 2238 2309 E GeckoApp: at android.os.Looper.loop(Looper.java:214)
09-03 23:51:12.751 2238 2309 E GeckoApp: at org.mozilla.gecko.util.GeckoBackgroundThread.run(GeckoBackgroundThread.java:43)
09-03 23:51:12.754 2238 2309 E GeckoApp: An error occurred during restore
09-03 23:51:12.754 2238 2309 E GeckoApp: org.mozilla.gecko.GeckoApp$SessionRestoreException: Could not read from session file
09-03 23:51:12.754 2238 2309 E GeckoApp: at org.mozilla.gecko.GeckoApp.restoreSessionTabs(GeckoApp.java:1637)
09-03 23:51:12.754 2238 2309 E GeckoApp: at org.mozilla.gecko.GeckoApp.access$200(GeckoApp.java:112)
09-03 23:51:12.754 2238 2309 E GeckoApp: at org.mozilla.gecko.GeckoApp$9.run(GeckoApp.java:1198)
09-03 23:51:12.754 2238 2309 E GeckoApp: at android.os.Handler.handleCallback(Handler.java:883)
09-03 23:51:12.754 2238 2309 E GeckoApp: at android.os.Handler.dispatchMessage(Handler.java:100)
09-03 23:51:12.754 2238 2309 E GeckoApp: at android.os.Looper.loop(Looper.java:214)
09-03 23:51:12.754 2238 2309 E GeckoApp: at org.mozilla.gecko.util.GeckoBackgroundThread.run(GeckoBackgroundThread.java:43)


09-03 23:51:14.148 2238 2312 F libc : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x2aae in tid 2312 (Gecko), pid 2238 (ject.torbrowser)
09-03 23:51:14.213 2238 2238 D TorBootstrap: Current Top=135
09-03 23:51:14.213 2238 2238 D TorBootstrap: Current Height=1350
09-03 23:51:14.213 2238 2238 D TorBootstrap: Current Width=1024
09-03 23:51:14.213 2238 2238 D TorBootstrap: Expected height=1198
09-03 23:51:14.213 2238 2238 D TorBootstrap: Expected width=1153
09-03 23:51:14.213 2238 2238 D TorBootstrap: New height=1198
09-03 23:51:14.213 2238 2238 D TorBootstrap: New width=1024
09-03 23:51:14.213 2238 2238 D TorBootstrap: New width without padding=600
09-03 23:51:14.213 2238 2238 D TorBootstrap: New height without padding=702
09-03 23:51:14.213 2238 2238 D TorBootstrap: New top padding=648
09-03 23:51:14.213 2238 2238 D TorBootstrap: New side padding=424
09-03 23:51:14.213 2414 2414 I crash_dump64: obtaining output fd from tombstoned, type: kDebuggerdTombstone
09-03 23:51:14.215 1044 1044 I /system/bin/tombstoned: received crash request for pid 2312
09-03 23:51:14.216 2414 2414 I crash_dump64: performing dump of process 2238 (target tid = 2312)
09-03 23:51:14.228 2414 2414 F DEBUG : * * * * * * * * * * * * * * * *
09-03 23:51:14.228 2414 2414 F DEBUG : Build fingerprint: 'google/sargo/sargo:10/QP1A.190711.020/5800535:user/release-keys'
09-03 23:51:14.228 2414 2414 F DEBUG : Revision: 'MP1.0'
09-03 23:51:14.228 2414 2414 F DEBUG : ABI: 'arm64'
09-03 23:51:14.229 2414 2414 F DEBUG : Timestamp: 2019-09-03 23:51:14-0700
09-03 23:51:14.229 2414 2414 F DEBUG : pid: 2238, tid: 2312, name: Gecko >>> org.torproject.torbrowser <<<
09-03 23:51:14.229 2414 2414 F DEBUG : uid: 10260
09-03 23:51:14.229 2414 2414 F DEBUG : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x2aae
09-03 23:51:14.229 2414 2414 F DEBUG : x0 00000071d7c0b4c0 x1 00000071d7c0b4c0 x2 0000007240443390 x3 00000071dfd58470
09-03 23:51:14.229 2414 2414 F DEBUG : x4 000000723263f5f8 x5 0000000000000001 x6 0000007240a30708 x7 fff8800000000000
09-03 23:51:14.229 2414 2414 F DEBUG : x8 00000071dfd58368 x9 0000007240065e40 x10 ffffffffffffffe6 x11 0000007240a30dc8
09-03 23:51:14.229 2414 2414 F DEBUG : x12 fffe0071dff32d30 x13 0000000000000000 x14 fffb000000000000 x15 0000000000000008
09-03 23:51:14.229 2414 2414 F DEBUG : x16 00000072326a3528 x17 0000007320e07340 x18 0000007240a30188 x19 000000000000000b
09-03 23:51:14.229 2414 2414 F DEBUG : x20 0000007240422778 x21 000000723263ff40 x22 fff8800000000000 x23 0000007240a30d08
09-03 23:51:14.229 2414 2414 F DEBUG : x24 0000007240a30c88 x25 0000007240a30b18 x26 0000007240a30ce8 x27 00000071dfd58470
09-03 23:51:14.229 2414 2414 F DEBUG : x28 0000007240a30670 x29 fff9000000000000
09-03 23:51:14.229 2414 2414 F DEBUG : sp 0000007240a30980 lr 0000007231377ed8 pc 0000007231375fe0
09-03 23:51:14.229 2414 2414 F DEBUG :
09-03 23:51:14.229 2414 2414 F DEBUG : backtrace:
09-03 23:51:14.229 2414 2414 F DEBUG : NOTE: Function names and BuildId information is missing for some frames due
09-03 23:51:14.229 2414 2414 F DEBUG : NOTE: to unreadable libraries. For unwinds of apps, only shared libraries
09-03 23:51:14.229 2414 2414 F DEBUG : NOTE: found under the lib/ directory are readable.
09-03 23:51:14.229 2414 2414 F DEBUG : #00 pc 00000000028bcfe0 /data/data/org.torproject.torbrowser/cache/libxul.so
09-03 23:51:14.605 1397 2423 I DropBoxManagerService: add tag=data_app_native_crash isTagEnabled=true flags=0x2
09-03 23:51:14.606 1044 1044 E /system/bin/tombstoned: Tombstone written to: /data/tombstones/tombstone_02
09-03 23:51:14.606 1397 2422 W ActivityTaskManager: Force finishing activity org.torproject.torbrowser/org.mozilla.gecko.BrowserApp
09-03 23:51:14.614 1397 1498 I BootReceiver: Copying /data/tombstones/tombstone_02 to DropBox (SYSTEM_TOMBSTONE)
09-03 23:51:14.615 1397 1498 I DropBoxManagerService: add tag=SYSTEM_TOMBSTONE isTagEnabled=true flags=0x2
09-03 23:51:14.616 1397 1470 W BroadcastQueue: Background execution not allowed: receiving Intent { act=android.intent.action.DROPBOX_ENTRY_ADDED flg=0x10 (has extras) } to com.google.android.gms/.stats.service.DropBoxEntryAddedReceiver
09-03 23:51:14.616 1397 1470 W BroadcastQueue: Background execution not allowed: receiving Intent { act=android.intent.action.DROPBOX_ENTRY_ADDED flg=0x10 (has extras) } to com.google.android.gms/.chimera.GmsIntentOperationService$PersistentTrustedReceiver
09-03 23:51:14.637 1397 1452 I ActivityManager: Showing crash dialog for package org.torproject.torbrowser u0
09-03 23:51:14.649 1397 1470 W BroadcastQueue: Background execution not allowed: receiving Intent { act=android.intent.action.DROPBOX_ENTRY_ADDED flg=0x10 (has extras) } to com.google.android.gms/.stats.service.DropBoxEntryAddedReceiver
09-03 23:51:14.649 1397 1470 W BroadcastQueue: Background execution not allowed: receiving Intent { act=android.intent.action.DROPBOX_ENTRY_ADDED flg=0x10 (has extras) } to com.google.android.gms/.chimera.GmsIntentOperationService$PersistentTrustedReceiver

comment:2 Changed 12 days ago by gk

So, this just happens on 64bit devices?

comment:3 Changed 12 days ago by cypherpunks

comment:4 Changed 12 days ago by gk

The sec level point is a good one. We should make sure that javascript.options.native_regexp is never set to true.

comment:6 Changed 12 days ago by cypherpunks

e.g. "This is the top crash for ARM64 Fennec ": https://bugzilla.mozilla.org/show_bug.cgi?id=1521158

comment:9 Changed 12 days ago by gk

Yes, we should but I think only sysrqb can do that right now. :(

comment:10 Changed 12 days ago by boklm

Cc: Sendpuzzles added

#31620 is a duplicate.

comment:11 Changed 12 days ago by cypherpunks

So, all those happy users spamming everywhere have just upgraded from 32-bit arm to 64-bit, is that supported at least?

comment:12 in reply to:  11 Changed 12 days ago by sysrqb

Replying to cypherpunks:

So, all those happy users spamming everywhere have just upgraded from 32-bit arm to 64-bit, is that supported at least?

Yes, there shouldn't be any impact from switching from a 32-bit library to a 64-bit library. This is what Mozilla did, as well - and this is what Google's policy effectively enforces.

comment:13 Changed 12 days ago by sysrqb

Google Play shows this is primarily affecting Android 9 on aarch64. signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x2aae is interesting. This is the same fault address (and same code) as #31140.

comment:14 in reply to:  13 ; Changed 12 days ago by sysrqb

Replying to sysrqb:

Google Play shows this is primarily affecting Android 9 on aarch64. signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x2aae is interesting. This is the same fault address (and same code) as #31140.

This is the same bug as #31140. acat found there was a syntax error on #31140 in the original patch and corrected that. I didn't notice the syntax error while I was testing the original patch and I incorrectly assumed the patch avoided the gecko crash, instead the syntax error preventing the code from executing.

After some more testing now, it does seems like javascript.options.native_regexp is the correct pref we should disable. ion is not the cause and it is enable by default (and it does not cause a crash).

From there it gets more interesting:

09-04 17:50:42.045  4803  4821 I GeckoThread: preparing to run Gecko
09-04 17:50:42.048  4803  4821 D GeckoThread: State changed to MOZGLUE_READY
[...]
09-04 17:50:42.234  4803  4821 E GeckoLibLoad: Load sqlite start
09-04 17:50:42.236  4803  4821 E GeckoLinker: /system/lib64/libc.so: Missing or broken DT_HASH
09-04 17:50:42.236  4803  4821 E GeckoLinker: /system/lib64/libc.so: Missing or broken DT_HASH
[...]
09-04 17:50:46.360  4803  4829 D         : HostConnection::get() New Host Connection established 0x79d891ea80, tid 4829
09-04 17:50:46.389  4803  4829 I OpenGLRenderer: Initialized EGL, version 1.4
09-04 17:50:46.390  4803  4829 D OpenGLRenderer: Swap behavior 1
09-04 17:50:46.391  4803  4829 W OpenGLRenderer: Failed to choose config with EGL_SWAP_BEHAVIOR_PRESERVED, retrying without...
09-04 17:50:46.391  4803  4829 D OpenGLRenderer: Swap behavior 0
09-04 17:50:46.402  4803  4829 D EGL_emulation: eglCreateContext: 0x79d89140e0: maj 2 min 0 rcv 2
09-04 17:50:46.406  4803  4829 D EGL_emulation: eglMakeCurrent: 0x79d89140e0: ver 2 0 (tinfo 0x79d892ae80)
09-04 17:50:46.511  4803  4821 F libc    : Fatal signal 11 (SIGSEGV), code 2, fault addr 0x79e8078108 in tid 4821 (Gecko)
09-04 17:50:46.519  4803  4803 D GeckoToolbar: onTabChanged: SELECTED
09-04 17:50:46.551  4803  4803 D GeckoBrowserApp: BrowserApp.onTabChanged: 0: SELECTED

comment:15 in reply to:  14 ; Changed 12 days ago by gk

Replying to sysrqb:

Replying to sysrqb:

Google Play shows this is primarily affecting Android 9 on aarch64. signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x2aae is interesting. This is the same fault address (and same code) as #31140.

This is the same bug as #31140. acat found there was a syntax error on #31140 in the original patch and corrected that. I didn't notice the syntax error while I was testing the original patch and I incorrectly assumed the patch avoided the gecko crash, instead the syntax error preventing the code from executing.

After some more testing now, it does seems like javascript.options.native_regexp is the correct pref we should disable. ion is not the cause and it is enable by default (and it does not cause a crash).

I am wary having those JIT options on. Cypherpunks mentioned a meta bug about baseline JIT issues e.g. and there might be other ones as well (with ion as well although it might not be available on aarch64 on esr60?). I'd really like to avoid playing whack-a-mole here by us doing release after release to deal with those crash bugs one-by-one. We don't have the time and capacity for that.

comment:16 Changed 11 days ago by billybob55

I am facing the same issue, the Tor Browser crashes on startuo, I do not even have the time to press "Start". My device is a Samsung Galaxy S8 running Android 9.

comment:17 Changed 11 days ago by billybob55

This started since the latest update (published on Google Play store on the Sept 3)

comment:18 in reply to:  15 ; Changed 11 days ago by sysrqb

Replying to gk:

Replying to sysrqb:

Replying to sysrqb:

Google Play shows this is primarily affecting Android 9 on aarch64. signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x2aae is interesting. This is the same fault address (and same code) as #31140.

This is the same bug as #31140. acat found there was a syntax error on #31140 in the original patch and corrected that. I didn't notice the syntax error while I was testing the original patch and I incorrectly assumed the patch avoided the gecko crash, instead the syntax error preventing the code from executing.

After some more testing now, it does seems like javascript.options.native_regexp is the correct pref we should disable. ion is not the cause and it is enable by default (and it does not cause a crash).

I am wary having those JIT options on. Cypherpunks mentioned a meta bug about baseline JIT issues e.g. and there might be other ones as well (with ion as well although it might not be available on aarch64 on esr60?). I'd really like to avoid playing whack-a-mole here by us doing release after release to deal with those crash bugs one-by-one. We don't have the time and capacity for that.

Understood, and I definitely agree with this. I modified the original torbutton patch such that it sets the three javascript.options. prefs as false. This prevents the app crash, but now torbutton is not initialized for some reason. about:tor is a blank, white screen and the torbutton logs show initialization fails/aborts/errors somewhere, but I haven't yet successfully found where this is happening in the code. It seems this is only occurring on aarch64 (torbutton is working on x86_64, but I did not try armv7).

comment:19 Changed 10 days ago by Horizon78

The problem is really serious and annoying! I can only ask the responsible as fast as it is to push a solution (patch) afterwards! When updating the Tor Browser, something seems to have gone horribly wrong! In any case, at least under Android is nothing! I have a Galaxy A7 (2018) Android 9! Please fix it! The Tor Browser was super good before!

comment:20 in reply to:  19 Changed 10 days ago by gk

Replying to Horizon78:

The problem is really serious and annoying! I can only ask the responsible as fast as it is to push a solution (patch) afterwards! When updating the Tor Browser, something seems to have gone horribly wrong! In any case, at least under Android is nothing! I have a Galaxy A7 (2018) Android 9! Please fix it! The Tor Browser was super good before!

Yes, we know and sorry for the inconvenience. We are working on it.

comment:21 in reply to:  18 Changed 10 days ago by gk

Replying to sysrqb:

Replying to gk:

Replying to sysrqb:

Replying to sysrqb:

Google Play shows this is primarily affecting Android 9 on aarch64. signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x2aae is interesting. This is the same fault address (and same code) as #31140.

This is the same bug as #31140. acat found there was a syntax error on #31140 in the original patch and corrected that. I didn't notice the syntax error while I was testing the original patch and I incorrectly assumed the patch avoided the gecko crash, instead the syntax error preventing the code from executing.

After some more testing now, it does seems like javascript.options.native_regexp is the correct pref we should disable. ion is not the cause and it is enable by default (and it does not cause a crash).

I am wary having those JIT options on. Cypherpunks mentioned a meta bug about baseline JIT issues e.g. and there might be other ones as well (with ion as well although it might not be available on aarch64 on esr60?). I'd really like to avoid playing whack-a-mole here by us doing release after release to deal with those crash bugs one-by-one. We don't have the time and capacity for that.

Understood, and I definitely agree with this. I modified the original torbutton patch such that it sets the three javascript.options. prefs as false. This prevents the app crash, but now torbutton is not initialized for some reason. about:tor is a blank, white screen and the torbutton logs show initialization fails/aborts/errors somewhere, but I haven't yet successfully found where this is happening in the code. It seems this is only occurring on aarch64 (torbutton is working on x86_64, but I did not try armv7).

Huh. What branch of yours is this happening on?

comment:22 Changed 10 days ago by icarus

Can confirm.... Android 9, Samsung A20. Tried uninstalling and reinstalling but problem remains. MUST be issue with update. The Alpha version app does the same thing. I appreciate your work and dedication to this issue.

comment:23 in reply to:  22 Changed 10 days ago by gk

Replying to icarus:

Can confirm.... Android 9, Samsung A20. Tried uninstalling and reinstalling but problem remains. MUST be issue with update. The Alpha version app does the same thing. I appreciate your work and dedication to this issue.

Which alpha version do you mean? We think we fixed the problem for *alpha* in 9.0a6. We heard that one is not crashing anymore.

comment:24 Changed 10 days ago by k0b4ya5hilvl4ru

Hello, any ideas when the tor browser will be fixed for Android 9 devices

comment:25 Changed 9 days ago by gk

Cc: EdmondDantes added

Resolved #31662 as a duplicate.

comment:26 Changed 9 days ago by gk

Cc: Morand added

Resolved #31663 as a duplicate.

comment:27 Changed 9 days ago by gk

FWIW, not sure where we are here but I try to figure out the missing pieces over the weekend.

comment:28 in reply to:  18 ; Changed 9 days ago by gk

Replying to sysrqb:

Replying to gk:

Replying to sysrqb:

Replying to sysrqb:

Google Play shows this is primarily affecting Android 9 on aarch64. signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x2aae is interesting. This is the same fault address (and same code) as #31140.

This is the same bug as #31140. acat found there was a syntax error on #31140 in the original patch and corrected that. I didn't notice the syntax error while I was testing the original patch and I incorrectly assumed the patch avoided the gecko crash, instead the syntax error preventing the code from executing.

After some more testing now, it does seems like javascript.options.native_regexp is the correct pref we should disable. ion is not the cause and it is enable by default (and it does not cause a crash).

I am wary having those JIT options on. Cypherpunks mentioned a meta bug about baseline JIT issues e.g. and there might be other ones as well (with ion as well although it might not be available on aarch64 on esr60?). I'd really like to avoid playing whack-a-mole here by us doing release after release to deal with those crash bugs one-by-one. We don't have the time and capacity for that.

Understood, and I definitely agree with this. I modified the original torbutton patch such that it sets the three javascript.options. prefs as false. This prevents the app crash, but now torbutton is not initialized for some reason. about:tor is a blank, white screen and the torbutton logs show initialization fails/aborts/errors somewhere, but I haven't yet successfully found where this is happening in the code. It seems this is only occurring on aarch64 (torbutton is working on x86_64, but I did not try armv7).

It seems your patch in bug31616_01 is working fine for me on the 8.5 branch. I can run an aarch64 bundle with it while without it it would crash on my system. I'll post the slightly updated branch for review shortly and a bundle for anyone being affected to try.

comment:29 in reply to:  28 Changed 9 days ago by gk

Replying to gk:

Replying to sysrqb:

Replying to gk:

Replying to sysrqb:

Replying to sysrqb:

Google Play shows this is primarily affecting Android 9 on aarch64. signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x2aae is interesting. This is the same fault address (and same code) as #31140.

This is the same bug as #31140. acat found there was a syntax error on #31140 in the original patch and corrected that. I didn't notice the syntax error while I was testing the original patch and I incorrectly assumed the patch avoided the gecko crash, instead the syntax error preventing the code from executing.

After some more testing now, it does seems like javascript.options.native_regexp is the correct pref we should disable. ion is not the cause and it is enable by default (and it does not cause a crash).

I am wary having those JIT options on. Cypherpunks mentioned a meta bug about baseline JIT issues e.g. and there might be other ones as well (with ion as well although it might not be available on aarch64 on esr60?). I'd really like to avoid playing whack-a-mole here by us doing release after release to deal with those crash bugs one-by-one. We don't have the time and capacity for that.

Understood, and I definitely agree with this. I modified the original torbutton patch such that it sets the three javascript.options. prefs as false. This prevents the app crash, but now torbutton is not initialized for some reason. about:tor is a blank, white screen and the torbutton logs show initialization fails/aborts/errors somewhere, but I haven't yet successfully found where this is happening in the code. It seems this is only occurring on aarch64 (torbutton is working on x86_64, but I did not try armv7).

It seems your patch in bug31616_01 is working fine for me on the 8.5 branch. I can run an aarch64 bundle with it while without it it would crash on my system. I'll post the slightly updated branch for review shortly and a bundle for anyone being affected to try.

Oh, and with that I mean the sec level is correctly initalized in that all non-JIT prefs are set to standard values but the JIT ones are disabled. And about:tor behaves like normal. I've not tested an update, though, yet.

Last edited 9 days ago by gk (previous) (diff)

comment:30 Changed 9 days ago by gk

Keywords: TorBrowserTeam201909R added; TorBrowserTeam201909 removed
Status: newneeds_review

bug_31616 (https://gitweb.torproject.org/user/gk/torbutton.git/commit/?h=bug_31616&id=7d292d774a3605673c912b2d3a248b95c6fabcb1) has the patch up for review. A test bundle can be found at

https://people.torproject.org/~gk/testbuilds/31616_85_2.apk
https://people.torproject.org/~gk/testbuilds/31616_85_2.apk.asc

Please, anyone affected by this bug and following along, give that one a try and report back how it went, thanks.

comment:31 Changed 8 days ago by Horizon78

I have tested the version "42616_85_2.apk" on my tablet and it works! At the beginning there were two script errors, where I just clicked Run Script! Sorry that I forgot to write off the exact error! After that this nightly version worked as far as I can tell! I just thought "juchu" it works again! Even if it is the nightly version, it seems to be on the right track! Because I've heard that the alpha (nightly) is also affected by the constant crashes! Now only the update for the normal Tor Browser on Android and the problem is hopefully done! but will still try on my tablet the version and report! Thanks again!

comment:32 Changed 8 days ago by Horizon78

sorry of course I meant "31616_85_2.apk" as a version! Was a write mistake of mine!

comment:33 Changed 8 days ago by Horizon78

I can just say again quickly that the script error spits out "script: moz-extension: 7104dc46-4d7c-...40/Background-scripts/rules.js: 49" .... And if you download something wants and then the request comes if Tor may access the memory, the Tor Browser (nightly) depends on me at least! as mentioned before, I try this all the time on my tablet (Huawei m5 + Android 7) !!! may be on the device, the Android version or both together! However, this "31616_85_2.apk" always starts without crashing! The normal version, since the update, crashed on this tablet as with all others, which is not anymore! I hope I could help!

comment:34 in reply to:  30 Changed 8 days ago by k0b4ya5hilvl4ru

This nightlty version works without crashing.
Replying to gk:

bug_31616 (https://gitweb.torproject.org/user/gk/torbutton.git/commit/?h=bug_31616&id=7d292d774a3605673c912b2d3a248b95c6fabcb1) has the patch up for review. A test bundle can be found at

https://people.torproject.org/~gk/testbuilds/31616_85_2.apk
https://people.torproject.org/~gk/testbuilds/31616_85_2.apk.asc

Please, anyone affected by this bug and following along, give that one a try and report back how it went, thanks.

comment:35 Changed 8 days ago by Sendpuzzles

Now for nighty is working great on my device after downloading

https://people.torproject.org/~gk/testbuilds/31616_85_2.apk

comment:36 Changed 8 days ago by brostar14

What ever the issues with the store version both for normal and alpha is not in the nightly build. This nightly build works without issue.

comment:37 in reply to:  36 Changed 8 days ago by gk

Replying to brostar14:

What ever the issues with the store version both for normal and alpha is not in the nightly build. This nightly build works without issue.

That's good to hear. For what it is worth: the alpha version in the Google Play store (9.0a6) should *not* be affected by this bug or to put it better: while the 9.0a5 version was affected this should be fixed with 9.0a6. Can somebody verify that?

That said: if you used the F-Droid store you should a get a non-crashing stable Tor Browser version as we still ship only the armv7 one (which is not affected by the aarch64 issues). If Tor Browser does not show up there you might need to add the Guardian Project repo: https://guardianproject.info/fdroid/

comment:38 Changed 8 days ago by Horizon78

Addendum: On my Galaxy A7 (2018), the version runs perfectly without my previously mentioned problems with the script errors on my tablet! Excellent! Thumbs up! then there's the right normal Tor browser version under F-Droid?

comment:39 Changed 8 days ago by Horizon78

Can not you go to the normal app store from Google, just postpone an update? Otherwise I would not care if Google Play Store or f-droid!

comment:40 Changed 8 days ago by NewEraCracker

Version 60.9.0 of org.torproject.torbrowser does not work on either of my phones.
Version 68.1.0 of org.torproject.torbrowser_alpha is working fine on my phones.
I also tested the 31616_85_2.apk and works fine.

comment:41 in reply to:  30 ; Changed 8 days ago by sysrqb

Replying to gk:

bug_31616 (https://gitweb.torproject.org/user/gk/torbutton.git/commit/?h=bug_31616&id=7d292d774a3605673c912b2d3a248b95c6fabcb1) has the patch up for review. A test bundle can be found at

https://people.torproject.org/~gk/testbuilds/31616_85_2.apk
https://people.torproject.org/~gk/testbuilds/31616_85_2.apk.asc

Please, anyone affected by this bug and following along, give that one a try and report back how it went, thanks.

These patches look good. I verified they prevent the crash, as well. I think about:tor being blank was an artifact of something locally. I confirmed it's good with tor-browser-build, too.

Changed 8 days ago by NewEraCracker

Attachment: error_31616_85_2.jpg added

Screnshot of initial javascript error with 31616_85_2.apk

comment:42 Changed 8 days ago by NewEraCracker

I have attached above a picture of the only error I see in with 31616_85_2.apk during first open on about:tor page.

comment:43 in reply to:  42 Changed 8 days ago by gk

Replying to NewEraCracker:

I have attached above a picture of the only error I see in with 31616_85_2.apk during first open on about:tor page.

Yes, that could be a collateral damage of that patch. We could think about fixing *that*, too. But we'll likely bite that bullet and get Tor Browser 9 into shape which does not need all those workarounds and will be out next month.

comment:44 in reply to:  41 Changed 8 days ago by gk

Resolution: fixed
Status: needs_reviewclosed

Replying to sysrqb:

Replying to gk:

bug_31616 (https://gitweb.torproject.org/user/gk/torbutton.git/commit/?h=bug_31616&id=7d292d774a3605673c912b2d3a248b95c6fabcb1) has the patch up for review. A test bundle can be found at

https://people.torproject.org/~gk/testbuilds/31616_85_2.apk
https://people.torproject.org/~gk/testbuilds/31616_85_2.apk.asc

Please, anyone affected by this bug and following along, give that one a try and report back how it went, thanks.

These patches look good. I verified they prevent the crash, as well. I think about:tor being blank was an artifact of something locally. I confirmed it's good with tor-browser-build, too.

Thanks. I merged that to maint-2.1 (commit 7d292d774a3605673c912b2d3a248b95c6fabcb1) and we'll do a new build (8.5.6) tomorrow. I guess, even though, aarch64 is only affected we'll release the new version for all mobile architectures? (Assuming Google does not allow different versions to be the latest for different architectures AND having different ones would be confusing as well).

comment:45 Changed 7 days ago by k0b4ya5hilvl4ru

It says fixed but play store version is still not working, are you doing a new release?

comment:46 in reply to:  45 Changed 7 days ago by gk

Replying to k0b4ya5hilvl4ru:

It says fixed but play store version is still not working, are you doing a new release?

A release is currently rolling out. Tor Browser 8.5.6 should have the fix. Are you still on 8.5.5?

comment:47 Changed 7 days ago by k0b4ya5hilvl4ru

Updated, now works

comment:48 Changed 6 days ago by Horizon78

Perfect! works fine again after the update! Thank you very much!

Note: See TracTickets for help on using tickets.