[tor-bugs] #31616 [Applications/Tor Browser]: Tor Browser on Android based on 60.9.0 is crashing on every launch

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Sep 5 16:02:28 UTC 2019


#31616: Tor Browser on Android based on 60.9.0 is crashing on every launch
-------------------------------------------------+--------------------------
 Reporter:  gk                                   |          Owner:  tbb-team
     Type:  defect                               |         Status:  new
 Priority:  Very High                            |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:  tbb-mobile, tbb-crash,               |  Actual Points:
  TorBrowserTeam201909                           |
Parent ID:                                       |         Points:  2
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+--------------------------

Comment (by sysrqb):

 Replying to [comment:15 gk]:
 > Replying to [comment:14 sysrqb]:
 > > Replying to [comment:13 sysrqb]:
 > > > Google Play shows this is primarily affecting Android 9 on aarch64.
 > > > `signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x2aae` is
 > > > interesting. This is the same fault address (and same code) as #31140.
 > >
 > > This is the same bug as #31140. acat found there was a syntax error on
 > > [ticket:31140#comment:30 #31140] in the original patch and corrected that.
 > > I didn't notice the syntax error while I was testing the original patch
 > > and I incorrectly assumed the patch avoided the gecko crash; instead the
 > > syntax error prevented the code from executing.
 > >
 > > After some more testing now, it does seem like
 > > `javascript.options.native_regexp` is the correct pref we should disable.
 > > `ion` is not the cause and it is enabled by default (and it does not cause
 > > a crash).
 >
 > I am wary of having those JIT options on. Cypherpunks mentioned a meta bug
 > about baseline JIT issues e.g. and there might be other ones as well (with
 > `ion` as well although it might not be available on aarch64 on esr60?).
 > I'd really like to avoid playing whack-a-mole here by us doing release
 > after release to deal with those crash bugs one-by-one. We don't have the
 > time and capacity for that.

 Understood, and I definitely agree with this. I modified the original
 torbutton patch such that it sets the three `javascript.options.` prefs as
 false. This prevents the app crash, but now torbutton is not initialized
 for some reason. `about:tor` is a blank, white screen and the torbutton
 logs show initialization fails/aborts/errors somewhere, but I haven't yet
 successfully found where this is happening in the code. It seems this is
 only occurring on aarch64 (torbutton is working on x86_64, but I did not
 try armv7).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31616#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

