Closed gubatron closed 2 years ago
Maybe you will also come across this issue @aldenml
If you have any tips on how to find a symbol or source code line with gdb or llvm-debugger and the symbol file given by the build, it would be appreciated. Not sure if I can even use the debugger on a .debug.so file for arm architecture while being on an x86_64 CPU.
Also tried running a debugging server on the device, but I think I have to root it to do this.
Also, I'm building with <cxxflags>-g
I've commented out from the jam file:
# <cxxflags>-std=c++14
# <cxxflags>-frwpi
# <cxxflags>-ggdb
# <cxxflags>-gdwarf-4
# <cxxflags>-fdebug-macro
# <linkflags>-fuse-ld=bfd
Still got the crash with all of those
User @anantadwi13 also sends a similar crash on arm64 (FML)
I found a problem when running FrostWire 2.4.0-b681 on Android 8.1. It crashed and showed me libc: Fatal signal 11 (SIGSEGV), code 1, fault addr 0x0 after opening the app. I think this happens because of jlibtorrent v1.2.14.0. I found no problem on Android 11 device (Xiaomi Redmi Note 8 Pro).
2021-08-28 00:00:39.778 26603-26603/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2021-08-28 00:00:39.778 26603-26603/? A/DEBUG: Build fingerprint: 'xiaomi/vince/vince:8.1.0/OPM1.171019.019/V11.0.2.0.OEGMIXM:user/release-keys'
2021-08-28 00:00:39.778 26603-26603/? A/DEBUG: Revision: '0'
2021-08-28 00:00:39.778 26603-26603/? A/DEBUG: ABI: 'arm64'
2021-08-28 00:00:39.779 26603-26603/? A/DEBUG: pid: 26538, tid: 26594, name: Thread-6 >>> com.frostwire.android <<<
2021-08-28 00:00:39.779 26603-26603/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
2021-08-28 00:00:39.779 26603-26603/? A/DEBUG: Cause: null pointer dereference
2021-08-28 00:00:39.779 26603-26603/? A/DEBUG: x0 0000007bc352cea8 x1 0000000000000000 x2 ffffffffffffffe8 x3 0000007bc352cfc0
2021-08-28 00:00:39.779 26603-26603/? A/DEBUG: x4 0000007bc352d028 x5 0000000000000004 x6 0000000000000000 x7 0000000000000000
2021-08-28 00:00:39.779 26603-26603/? A/DEBUG: x8 0000000000000000 x9 0000000000000000 x10 0000000000000000 x11 0000000000000000
2021-08-28 00:00:39.779 26603-26603/? A/DEBUG: x12 0000000000000000 x13 0000000000000000 x14 000000000000000d x15 aaaaaaaaaaaaaaab
2021-08-28 00:00:39.779 26603-26603/? A/DEBUG: x16 0000007bc3cb2260 x17 0000007c665e6c70 x18 0000007bd9a48c70 x19 0000007bc352d100
2021-08-28 00:00:39.779 26603-26603/? A/DEBUG: x20 0000000000000048 x21 0000007bc352cee8 x22 0000007bd9b98c00 x23 0000007bc352d040
2021-08-28 00:00:39.779 26603-26603/? A/DEBUG: x24 0000000000000001 x25 0000007bc352ceb0 x26 0000007bc352ced0 x27 0000000000000006
2021-08-28 00:00:39.779 26603-26603/? A/DEBUG: x28 0000007bd9b493d0 x29 0000007bc352d0b0 x30 0000007bc38bc8b0
2021-08-28 00:00:39.779 26603-26603/? A/DEBUG: sp 0000007bc352cea0 pc 0000007bc38bc8c0 pstate 0000000080000000
2021-08-28 00:00:39.785 26603-26603/? A/DEBUG: backtrace:
2021-08-28 00:00:39.785 26603-26603/? A/DEBUG: #00 pc 00000000002898c0 /data/app/com.frostwire.android-_dyaEEYI7bmBQMgi6B2fZg==/base.apk (offset 0x848000)
2021-08-28 00:00:39.785 26603-26603/? A/DEBUG: #01 pc 00000000001b8458 /data/app/com.frostwire.android-_dyaEEYI7bmBQMgi6B2fZg==/base.apk (offset 0x848000)
2021-08-28 00:00:39.785 26603-26603/? A/DEBUG: #02 pc 00000000001b7d34 /data/app/com.frostwire.android-_dyaEEYI7bmBQMgi6B2fZg==/base.apk (offset 0x848000)
2021-08-28 00:00:39.785 26603-26603/? A/DEBUG: #03 pc 00000000001d4334 /data/app/com.frostwire.android-_dyaEEYI7bmBQMgi6B2fZg==/base.apk (offset 0x848000)
2021-08-28 00:00:39.785 26603-26603/? A/DEBUG: #04 pc 00000000001cb37c /data/app/com.frostwire.android-_dyaEEYI7bmBQMgi6B2fZg==/base.apk (offset 0x848000)
2021-08-28 00:00:39.785 26603-26603/? A/DEBUG: #05 pc 0000000000174cc0 /data/app/com.frostwire.android-_dyaEEYI7bmBQMgi6B2fZg==/base.apk (offset 0x848000)
2021-08-28 00:00:39.785 26603-26603/? A/DEBUG: #06 pc 00000000001749a4 /data/app/com.frostwire.android-_dyaEEYI7bmBQMgi6B2fZg==/base.apk (offset 0x848000)
2021-08-28 00:00:39.785 26603-26603/? A/DEBUG: #07 pc 00000000001a10a0 /data/app/com.frostwire.android-_dyaEEYI7bmBQMgi6B2fZg==/base.apk (offset 0x848000)
2021-08-28 00:00:39.785 26603-26603/? A/DEBUG: #08 pc 0000000000067e50 /system/lib64/libc.so (__pthread_start(void*)+36)
2021-08-28 00:00:39.785 26603-26603/? A/DEBUG: #09 pc 000000000001f280 /system/lib64/libc.so (__start_thread+68)
A few more crashlogs from some installs in the wild, they're all armv7 (32bit) and armv8 (64bit)
One thing is new, I keep seeing this split_config message, which different people say it's something else.
Tried playing with this gradle flag:
android.bundle.enableUncompressedNativeLibs=true
android.bundle.enableUncompressedNativeLibs=false
I can still replicate the crash in an arm device I could get my hands on.
Samsung Galaxy J6 / Android 9 (SDK 28) / arm v7a
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
pid: 0, tid: 0 >>> com.frostwire.android <<<
backtrace:
#00 pc 000000000040be40 /data/app/com.frostwire.android-GNdKlEWYsrKYhjC5f7TPIQ==/split_config.armeabi_v7a.apk (offset 0x1000)
#00 pc 00000000002bb368 /data/app/com.frostwire.android-GNdKlEWYsrKYhjC5f7TPIQ==/split_config.armeabi_v7a.apk (offset 0x1000)
#00 pc 00000000002bab7c /data/app/com.frostwire.android-GNdKlEWYsrKYhjC5f7TPIQ==/split_config.armeabi_v7a.apk (offset 0x1000)
#00 pc 00000000002daf34 /data/app/com.frostwire.android-GNdKlEWYsrKYhjC5f7TPIQ==/split_config.armeabi_v7a.apk (offset 0x1000)
#00 pc 00000000002d1b28 /data/app/com.frostwire.android-GNdKlEWYsrKYhjC5f7TPIQ==/split_config.armeabi_v7a.apk (offset 0x1000)
#00 pc 00000000001ebcec /data/app/com.frostwire.android-GNdKlEWYsrKYhjC5f7TPIQ==/split_config.armeabi_v7a.apk (offset 0x1000) (boost::asio::detail::scheduler::do_run_one(boost::asio::detail::conditionally_enabled_mutex::scoped_lock&, boost::asio::detail::scheduler_thread_info&, boost::system::error_code const&)+568)
#00 pc 00000000001eb8f0 /data/app/com.frostwire.android-GNdKlEWYsrKYhjC5f7TPIQ==/split_config.armeabi_v7a.apk (offset 0x1000) (boost::asio::detail::scheduler::run(boost::system::error_code&)+216)
#00 pc 000000000029f450 /data/app/com.frostwire.android-GNdKlEWYsrKYhjC5f7TPIQ==/split_config.armeabi_v7a.apk (offset 0x1000)
#00 pc 0000000000065a3b /system/lib/libc.so (__pthread_start(void*)+154)
#00 pc 000000000001e4fd /system/lib/libc.so (__start_thread+32)
Samsung Galaxy S9+ / Android 10 (SDK 29) / arm64 v8a
This is the most popular instance, almost 750 crashes from 52 poor users in a limited test for up to 1024 installs. Samsung devices are way too popular.
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
pid: 0, tid: 0 >>> com.frostwire.android <<<
backtrace:
#00 pc 00000000002898c0 /data/app/com.frostwire.android-PBYl8P-raC4qyE3hUv-2MQ==/split_config.arm64_v8a.apk!libjlibtorrent.so (offset 0x1000)
#00 pc 00000000001b8458 /data/app/com.frostwire.android-PBYl8P-raC4qyE3hUv-2MQ==/split_config.arm64_v8a.apk!libjlibtorrent.so (offset 0x1000)
#00 pc 00000000001b7d34 /data/app/com.frostwire.android-PBYl8P-raC4qyE3hUv-2MQ==/split_config.arm64_v8a.apk!libjlibtorrent.so (offset 0x1000)
#00 pc 00000000001d4334 /data/app/com.frostwire.android-PBYl8P-raC4qyE3hUv-2MQ==/split_config.arm64_v8a.apk!libjlibtorrent.so (offset 0x1000)
#00 pc 00000000001cb37c /data/app/com.frostwire.android-PBYl8P-raC4qyE3hUv-2MQ==/split_config.arm64_v8a.apk!libjlibtorrent.so (offset 0x1000)
#00 pc 0000000000174cc0 /data/app/com.frostwire.android-PBYl8P-raC4qyE3hUv-2MQ==/split_config.arm64_v8a.apk!libjlibtorrent.so (offset 0x1000) (boost::asio::detail::scheduler::do_run_one(boost::asio::detail::conditionally_enabled_mutex::scoped_lock&, boost::asio::detail::scheduler_thread_info&, boost::system::error_code const&)+480)
#00 pc 00000000001749a4 /data/app/com.frostwire.android-PBYl8P-raC4qyE3hUv-2MQ==/split_config.arm64_v8a.apk!libjlibtorrent.so (offset 0x1000) (boost::asio::detail::scheduler::run(boost::system::error_code&)+244)
#00 pc 00000000001a10a0 /data/app/com.frostwire.android-PBYl8P-raC4qyE3hUv-2MQ==/split_config.arm64_v8a.apk!libjlibtorrent.so (offset 0x1000)
#00 pc 00000000000e6f10 /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+36)
#00 pc 00000000000850c8 /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64)
For some reason this isn't happening with the arm64 CPU of the OnePlus 7T
Detective mode on.
I'm getting the crash on a
Qualcomm Snapdragon 425, 1.31 GHz 4x ARM Cortex-A53 revision r0p4 28nm tech
Device: V341U, vsmart board msm8937 5.99 inch screen 720x1440, 268 dpi, 1878 MB RAM, 11.99GB storage
Android 10, API 29 Java VM ART 2.1.0 armv7l kernel architecture Kernel version 4.9.206-perf+ (V341U_A1_210524)
Non rooted
It is not crashing on
Qualcomm Snapdragon 855+ 2.96 GHz (SM8150) 8x Kryo 485 revision r13p14 7nm tech
Device: HD1905 (OnePlus7T), oneplus board: msmnile 6.31 inch screen 1080x2400, 417 dpi, 7473 MB RAM, 95.47GB storage
Android 11, API 30 Java VM ART 2.1.0 aarch64 (aka arm64-v8a) kernel architecture Kernel version 4.14.190-perf+ (2106291438)
Non rooted
Updated to NDK23, built with clang abi 24, c++17, still crashing on arm-v7 device, FML
Will see if updating to newer code changes in libtorrent helps. Other than that just tinkering with cxx and ld flags
Update: Last night after hundreds of attempts these past weeks I got it to run without crashing on an arm device that always crashed after updating SWIG to 4.0.2 in the Docker linux image. However, it's crashing now and now the crash is finally showing some detail related to the network interface enumeration, which makes me believe, perhaps I performed a build using netlink.
I hope it's not, otherwise I'll have to patch the network interface enumeration code to not crash with IF_ADDR
Finally got a more verbose crashlog:
(offset 0xf28000) (libtorrent::aux::session_impl::reopen_listen_sockets(bool)+196)
09-10 17:15:56.204 29372 29452 F libc : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0 in tid 29452 (Thread-6), pid 29372 (cation.java:85))
09-10 17:15:56.230 29372 29431 I FA : Tag Manager is not found and thus will not be used
09-10 17:15:56.277 29372 29431 V FA : Connection attempt already in progress
09-10 17:15:56.310 29372 29431 V FA : Connection attempt already in progress
09-10 17:15:56.350 29458 29458 I crash_dump32: obtaining output fd from tombstoned, type: kDebuggerdTombstone
09-10 17:15:56.353 822 822 I /system/bin/tombstoned: received crash request for pid 29452
09-10 17:15:56.354 29458 29458 I crash_dump32: performing dump of process 29372 (target tid = 29452)
09-10 17:15:56.377 29372 29431 V FA : Connection attempt already in progress
09-10 17:15:56.401 29458 29458 F DEBUG : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
09-10 17:15:56.401 29458 29458 F DEBUG : Build fingerprint: 'att/v341u/v341u:10/QKQ1.200311.002/V341U_A1_210524:user/release-keys'
09-10 17:15:56.401 29458 29458 F DEBUG : Revision: 'REV1.0'
09-10 17:15:56.401 29458 29458 F DEBUG : ABI: 'arm'
09-10 17:15:56.403 29458 29458 F DEBUG : Timestamp: 2021-09-10 17:15:56-0400
09-10 17:15:56.404 29458 29458 F DEBUG : pid: 29372, tid: 29452, name: Thread-6 >>> com.frostwire.android <<<
09-10 17:15:56.404 29458 29458 F DEBUG : uid: 10182
09-10 17:15:56.404 29458 29458 F DEBUG : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
09-10 17:15:56.404 29458 29458 F DEBUG : Cause: null pointer dereference
09-10 17:15:56.404 29458 29458 F DEBUG : r0 00000000 r1 00000000 r2 00000038 r3 85433f40
09-10 17:15:56.404 29458 29458 F DEBUG : r4 85433dc8 r5 8425d300 r6 98c62b18 r7 00000001
09-10 17:15:56.404 29458 29458 F DEBUG : r8 85433dd0 r9 85434000 r10 85433f50 r11 85433f98
09-10 17:15:56.404 29458 29458 F DEBUG : ip 00000000 sp 85433db8 lr 8337b378 pc 8337b390
09-10 17:15:56.416 29458 29458 F DEBUG :
09-10 17:15:56.416 29458 29458 F DEBUG : backtrace:
09-10 17:15:56.417 29458 29458 F DEBUG : #00 pc 00530390 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
09-10 17:15:56.417 29458 29458 F DEBUG : #01 pc 003df638 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (libtorrent::aux::session_impl::reopen_listen_sockets(bool)+196) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
09-10 17:15:56.417 29458 29458 F DEBUG : #02 pc 003dee48 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (libtorrent::aux::session_impl::init()+656) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
09-10 17:15:56.417 29458 29458 F DEBUG : #03 pc 003fed1c /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (_ZN10libtorrent3aux12session_impl4wrapIMS1_FvvEJEEEvT_DpOT0_+48) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
09-10 17:15:56.417 29458 29458 F DEBUG : #04 pc 003f5844 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
09-10 17:15:56.418 29458 29458 F DEBUG : #05 pc 00312928 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (boost::asio::detail::scheduler::do_run_one(boost::asio::detail::conditionally_enabled_mutex::scoped_lock&, boost::asio::detail::scheduler_thread_info&, boost::system::error_code const&)+564) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
09-10 17:15:56.418 29458 29458 F DEBUG : #06 pc 00312534 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (boost::asio::detail::scheduler::run(boost::system::error_code&)+216) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
09-10 17:15:56.418 29458 29458 F DEBUG : #07 pc 003c37d8 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
09-10 17:15:56.418 29458 29458 F DEBUG : #08 pc 000aa8bb /apex/com.android.runtime/lib/bionic/libc.so (__pthread_start(void*)+20) (BuildId: b638b588df5590a58c813e9e3a0c67dc)
09-10 17:15:56.419 29458 29458 F DEBUG : #09 pc 00061993 /apex/com.android.runtime/lib/bionic/libc.so (__start_thread+30) (BuildId: b638b588df5590a58c813e9e3a0c67dc)
@gubatron I'm not familiar with the branch 1_2 anymore, but I just found that in master this line https://github.com/arvidn/libtorrent/blob/master/src/enum_net.cpp#L569 is the problem. Try to look for the equivalent and put an if (ifa->ifa_addr != nullptr) to see if that solves it.
Thank you man! I'll try first a
if (ifa->ifa_addr == nullptr) {
    return false;
}
I was playing here with the ndk-stack tool and isolating the crash, similar output as above, it seems in my branch the issue might be related to session_impl::reopen_listen_sockets(bool)+196
Do you know what that +196 offset means? Is that lines? Bytes? If it's bytes it's hard to tell because there are preprocessor #IFs and the actual file compiled is probably different in terms of line numbers.
For now what I was planning to do was to comment out that call to see if it still crashes and make sure the issue on my branch is there. Most likely there are multiple issues, my guess is that most libtorrents running out there use netlink and the ifaddr checks haven't been thoroughly tested in all architectures.
I've a feeling I'll be sending a patch soon.
With:
adb logcat | ndk-stack -sym ~/workspace.frostwire/frostwire-jlibtorrent/swig/bin/release/android/armeabi-v7a
********** Crash dump: **********
Build fingerprint: 'att/v341u/v341u:10/QKQ1.200311.002/V341U_A1_210524:user/release-keys'
#00 0x00530390 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
??
??:0:0
#01 0x003df638 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (libtorrent::aux::session_impl::reopen_listen_sockets(bool)+196) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
??
??:0:0
#02 0x003dee48 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (libtorrent::aux::session_impl::init()+656) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
??
??:0:0
#03 0x003fed1c /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (_ZN10libtorrent3aux12session_impl4wrapIMS1_FvvEJEEEvT_DpOT0_+48) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
??
??:0:0
#04 0x003f5844 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
??
??:0:0
#05 0x00312928 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (boost::asio::detail::scheduler::do_run_one(boost::asio::detail::conditionally_enabled_mutex::scoped_lock&, boost::asio::detail::scheduler_thread_info&, boost::system::error_code const&)+564) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
??
??:0:0
#06 0x00312534 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (boost::asio::detail::scheduler::run(boost::system::error_code&)+216) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
??
??:0:0
#07 0x003c37d8 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)
??
??:0:0
#08 0x000aa8bb /apex/com.android.runtime/lib/bionic/libc.so (__pthread_start(void*)+20) (BuildId: b638b588df5590a58c813e9e3a0c67dc)
#09 0x00061993 /apex/com.android.runtime/lib/bionic/libc.so (__start_thread+30) (BuildId: b638b588df5590a58c813e9e3a0c67dc)
Crash dump is completed
I believe that +196 means offset in object code (roughly assembler lines). You need debug information to be able to revert to the line in the source code.
It seems it's the function_offset, I believe this is the source code (Backtrace.cpp) to generate those backtraces
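An added example, not part of the thread or of any Android tool: a small parser for the debuggerd-style frame lines shown above that separates the pc, the symbol with its +N byte offset, and the BuildId, and derives the function's start address (pc minus offset) to look up in the unstripped library with the same BuildId. `Frame` and `parse_frame` are hypothetical names; the two sample lines are frames #00 and #01 copied from the crash log above.

```cpp
// Added example: split an Android tombstone backtrace frame into its parts.
#include <cstdint>
#include <cstdio>
#include <regex>
#include <string>

struct Frame {
    int index = -1;
    std::uint64_t pc = 0;       // address relative to the loaded library
    std::string object;         // mapped file, e.g. base.apk!libjlibtorrent.so
    std::string symbol;         // empty when the unwinder found no symbol
    std::uint64_t sym_off = 0;  // the "+N": bytes past the start of `symbol`
    std::string build_id;       // must match the unstripped .so used for lookup
    bool has_symbol() const { return !symbol.empty(); }
    std::uint64_t symbol_start() const { return pc - sym_off; }
};

bool parse_frame(const std::string& line, Frame& f) {
    static const std::regex head(R"(#(\d+)\s+pc\s+([0-9a-fA-F]+)\s+(\S+))");
    static const std::regex off(R"(\+(\d+)\))");
    static const std::regex bid(R"(BuildId: ([0-9a-f]+))");
    std::smatch m;
    if (!std::regex_search(line, m, head)) return false;
    f = Frame{};
    f.index = std::stoi(m[1].str());
    f.pc = std::stoull(m[2].str(), nullptr, 16);
    f.object = m[3].str();
    if (std::regex_search(line, m, off)) {
        f.sym_off = std::stoull(m[1].str());
        // C++ symbol names contain parentheses, so walk left from '+' to the
        // unmatched '(' that opens the "(symbol+N)" group.
        std::size_t plus = static_cast<std::size_t>(m.position(0)), i = plus;
        int depth = 0;
        while (i-- > 0) {
            if (line[i] == ')') ++depth;
            else if (line[i] == '(') { if (depth == 0) break; --depth; }
        }
        f.symbol = line.substr(i + 1, plus - i - 1);
    }
    if (std::regex_search(line, m, bid)) f.build_id = m[1].str();
    return true;
}

// Frames #00 and #01 from the armeabi-v7a crash log on this page.
const char* kFrame00 = "#00 pc 00530390 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)";
const char* kFrame01 = "#01 pc 003df638 /data/app/com.frostwire.android-kEuaGbL37j6DPSvL3wDByQ==/base.apk!libjlibtorrent.so (offset 0xf28000) (libtorrent::aux::session_impl::reopen_listen_sockets(bool)+196) (BuildId: 288f7fa67a321e9369a5058ffd38d998fbe5c545)";

int main() {
    Frame f;
    for (const char* l : {kFrame00, kFrame01})
        if (parse_frame(l, f))
            std::printf("#%02d pc=0x%llx start=0x%llx %s\n", f.index,
                        (unsigned long long)f.pc, (unsigned long long)f.symbol_start(),
                        f.has_symbol() ? f.symbol.c_str() : "<no symbol>");
}
```

For frame #01 the function start comes out as 0x3df574, so the faulting call site is 196 bytes into the compiled function, not 196 source lines.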
For whoever is reading this in the future:
I commented out all the calls to reopen_listen_sockets() in session_impl.cpp and the crash is gone, however, the app needs reopen_listen_sockets() to work properly, I don't see it getting DHT contacts, nor binding any sockets when the bittorrent engine is started without this call.
Now it's time to comb over this function and hope the issue can be easily fixed in it.
@aldenml you god damn genius! I miss you.
reopen_listen_sockets makes use of enum_net_interfaces which in turn uses iface_from_ifaddrs in a loop.
Adding this solved the crash, works perfectly now. I love you man.
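The null check discussed in this thread, as an added example (not libtorrent's or jlibtorrent's code): getifaddrs(3) documents that `ifa_addr` may be NULL for an entry, so a loop over the list has to test it before reading `sa_family`. The function `usable_interfaces` and the three-entry list are constructed for illustration; on a device the list head would come from `getifaddrs()`.

```cpp
// Added example: null-safe walk over a getifaddrs()-style linked list.
#include <cstdio>
#include <ifaddrs.h>
#include <netinet/in.h>
#include <string>
#include <sys/socket.h>
#include <vector>

// Return the names of entries that carry an IPv4 or IPv6 address and count
// the entries that had no address at all. Dereferencing ifa->ifa_addr
// without the first check is the "fault addr 0x0" SIGSEGV pattern.
std::vector<std::string> usable_interfaces(const ifaddrs* head, int* skipped) {
    std::vector<std::string> out;
    *skipped = 0;
    for (const ifaddrs* ifa = head; ifa != nullptr; ifa = ifa->ifa_next) {
        if (ifa->ifa_addr == nullptr) {  // entry without an address: skip it
            ++*skipped;
            continue;
        }
        const int family = ifa->ifa_addr->sa_family;
        if (family != AF_INET && family != AF_INET6) continue;
        out.emplace_back(ifa->ifa_name != nullptr ? ifa->ifa_name : "");
    }
    return out;
}

// Constructed sample list (not captured from a device):
// wlan0 (IPv4) -> rmnet0 (no address) -> lo (IPv6).
int demo_skipped_count(std::vector<std::string>* names) {
    static sockaddr_in v4{};
    static sockaddr_in6 v6{};
    static char n0[] = "wlan0", n1[] = "rmnet0", n2[] = "lo";
    static ifaddrs a{}, b{}, c{};
    v4.sin_family = AF_INET;
    v6.sin6_family = AF_INET6;
    c.ifa_name = n2; c.ifa_addr = reinterpret_cast<sockaddr*>(&v6);
    b.ifa_name = n1; b.ifa_addr = nullptr; b.ifa_next = &c;
    a.ifa_name = n0; a.ifa_addr = reinterpret_cast<sockaddr*>(&v4); a.ifa_next = &b;
    int skipped = 0;
    *names = usable_interfaces(&a, &skipped);
    return skipped;
}

int main() {
    std::vector<std::string> names;
    const int skipped = demo_skipped_count(&names);
    for (const std::string& n : names) std::printf("usable: %s\n", n.c_str());
    std::printf("skipped (ifa_addr == nullptr): %d\n", skipped);
}
```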
no clue, let's see if I can find where exactly the issue is by uploading the symbol files once this crash starts appearing in Google Play crash logs.
Having a hard time getting the Android Studio Dual Debugger to work.