Tor (0.4.3.5) Occasionally crashes with these stack offsets

[ProofOfKeags]

This has happened twice now with the 0.4.3.5 tor binary. I was able to grab this screenshot of crash logs. Both times had the same memory address + stack offset, which suggests there's only one problem here.

This is on an iPhone XR device running OS 13.4.1

I'm going to update to 13.5 and will report back if it happens again

[tladesignz]

Interesting. It would be great, if you could re-symbolicate that crashlog.

[ProofOfKeags]

K. I'll look into it. I've never done that before, if you have any advice I'd appreciate it. Otherwise I'll see what I can do. I think this is an underlying issue in the tor binary as opposed to an issue with Tor.framework but I suppose we can't determine that without recovering the symbols.

[ProofOfKeags]

Thread 10 name:  Tor
Thread 10 Crashed:
0   libsystem_kernel.dylib          0x00000001b80f6df0 __pthread_kill + 8
1   libsystem_pthread.dylib         0x00000001b8016930 pthread_kill + 228
2   libsystem_c.dylib               0x00000001b7fa48b4 abort + 104
3   Tor                             0x00000001032bf780 0x102f20000 + 3798912
4   Tor                             0x00000001030ba000 format_hex_number_sigsafe + 1679360 (torerr.c:299)
5   Tor                             0x00000001030b515c tor_mutex_new + 1659228 (compat_mutex.c:18)
6   Tor                             0x00000001030506f4 pubsub_connect + 1246964 (main.c:1208)
7   Tor                             0x0000000103050820 tor_run_main + 1247264 (main.c:1249)
8   Tor                             0x0000000102f2be44 -[TORThread main] + 48708 (TORThread.m:73)
9   Foundation                      0x00000001b87097a0 __NSThread__start__ + 864
10  libsystem_pthread.dylib         0x00000001b80158fc _pthread_start + 168
11  libsystem_pthread.dylib         0x00000001b801d9d4 thread_start + 8

[tladesignz]

Sorry, for the delay! Great work, and thanks for reporting it!

That's clearly inside Tor. I'll have somebody from Tor look at this.

[tladesignz]

@ahf, can you take a look at this? Thanks!

[Fonta1n3]

Just wanted to chime in and second that i am experiencing the same issue.

[ahf]

How do I reproduce this issue? I haven't seen it yet with Tor 0.4.3.5 in OnionBrowser when I test it there.

[ProofOfKeags]

Unfortunately I haven't been able to consistently get it to happen in response to a particular action. However it does happen semi-often within the Embassy App. if you want to test it out we can give you the creds to our test server, although if you're interested I encourage you to get one ;).

[tladesignz]

I released a Tor.framework based on Tor 0.4.4.5 recently. If anybody can report this problem still occurring with the latest version, I'm happy to accept re-openings. If not, I'm considering this done, as @ahf told me, that this is in a part which got reworked with recent Tor versions.