Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LwIP consistently hits SIGSEGVs #32

Closed
ignoramous opened this issue Aug 16, 2020 · 7 comments
Closed

LwIP consistently hits SIGSEGVs #32

ignoramous opened this issue Aug 16, 2020 · 7 comments
Assignees
@ignoramous

Comments

@ignoramous
Copy link
Collaborator

ignoramous commented Aug 16, 2020
edited
Loading

At least two crashes in space of 12 hours, both in the LwIP stack of gotun2socks presumably because some tcp state has gone whack.

I am starting to think that we do not terminate the connection like we normally should (Android's implementation indicates it relies on PROHIBIT response from the Kernel to terminate connections). A gentle tcpConn.Close might not be enough and a tcpConn.Abort might be of order.

The implementation differences in go-tun2socks for tcpConn.Close and tcpConn.Abort do reveal stark differences, the primary is that conn.state isn't updated in the former case whilst it is set to tcpAborting in the latter case.

Further more, tcpConn.Abort is what go-tun2socks uses to rid of connection when there's any err reported by the registeredTCPHandler.

Crashes (both happened after firewall was relaxed after a screen-on event):

No. 1

08-16 08:10:03.576 23934 23934 E chromium: [0816/081003.575374:ERROR:elf_dynamic_array_reader.h(61)] tag not found
08-16 08:10:03.584 15668 16890 E GoLog   : [0816/081003.575374:ERROR:elf_dynamic_array_reader.h(61)] tag not found
08-16 08:10:03.594 15668 16867 F libc    : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x31f000001b9 in tid 16867 (Thread-24), pid 15668 (elzero.bravedns)
08-16 08:10:03.736  2152  2152 E ndroid.systemu: Invalid ID 0x00000000.
08-16 08:10:03.797 23937 23937 I crash_dump64: obtaining output fd from tombstoned, type: kDebuggerdTombstone
08-16 08:10:03.800  1259  1259 I /system/bin/tombstoned: received crash request for pid 16867
08-16 08:10:03.802 23937 23937 I crash_dump64: performing dump of process 15668 (target tid = 16867)
08-16 08:10:03.809 23937 23937 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
08-16 08:10:03.809 23937 23937 F DEBUG   : Build fingerprint: 'OnePlus/OnePlus6/OnePlus6:10/QKQ1.190716.003/2005052051:user/release-keys'
08-16 08:10:03.809 23937 23937 F DEBUG   : Revision: '0'
08-16 08:10:03.809 23937 23937 F DEBUG   : ABI: 'arm64'
08-16 08:10:03.809 23937 23937 F DEBUG   : Timestamp: 2020-08-16 08:10:03+0530
08-16 08:10:03.809 23937 23937 F DEBUG   : pid: 15668, tid: 16867, name: Thread-24  >>> com.celzero.bravedns <<<
08-16 08:10:03.809 23937 23937 F DEBUG   : uid: 10421
08-16 08:10:03.809 23937 23937 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x31f000001b9
08-16 08:10:03.809 23937 23937 F DEBUG   :     x0  0000006f1a6ea600  x1  0000000000000000  x2  00000040004bfea0  x3  0000000000000003
08-16 08:10:03.809 23937 23937 F DEBUG   :     x4  0000000000000160  x5  0000004000297e90  x6  000000700c853000  x7  0000000000f421c2
08-16 08:10:03.809 23937 23937 F DEBUG   :     x8  0000006f1a7aac14  x9  000000000000000c  x10 0000000000000002  x11 0000000000000030
08-16 08:10:03.809 23937 23937 F DEBUG   :     x12 0000000000a56b80  x13 00000003e8000000  x14 00044460ac096168  x15 0000a507849446f3
08-16 08:10:03.809 23937 23937 F DEBUG   :     x16 000000700870f8f0  x17 0000007008701070  x18 0000006ec0bea000  x19 0000006f1a6ea600
08-16 08:10:03.809 23937 23937 F DEBUG   :     x20 0000031f000001a4  x21 0000006f27239aa0  x22 0000006f27239ab0  x23 0000006f1a7aaa00
08-16 08:10:03.809 23937 23937 F DEBUG   :     x24 0000006f27239aa0  x25 0000006f26d1d394  x26 0000000000000000  x27 0000000000000010
08-16 08:10:03.809 23937 23937 F DEBUG   :     x28 0000004000182900  x29 0000006ec2837b90
08-16 08:10:03.809 23937 23937 F DEBUG   :     sp  0000006ec2837b70  lr  0000006f26d16418  pc  0000006f26d197b4
08-16 08:10:03.809 23937 23937 F DEBUG   :
08-16 08:10:03.809 23937 23937 F DEBUG   : backtrace:
08-16 08:10:03.809 23937 23937 F DEBUG   :       #00 pc 00000000005d47b4  /data/app/com.celzero.bravedns-S0OlU-rPT9myMvnoLKv6fQ==/base.apk (offset 0xb000) (tcp_process_refused_data+32)

No. 2

08-16 02:55:23.658 19089 19580 F libc    : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x6d80003e7e0000 in tid 19580 (Thread-24), pid 19089 (elzero.bravedns)
08-16 02:55:24.004  4726  4726 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
08-16 02:55:24.004  4726  4726 F DEBUG   : Build fingerprint: 'OnePlus/OnePlus6/OnePlus6:10/QKQ1.190716.003/2005052051:user/release-keys'
08-16 02:55:24.004  4726  4726 F DEBUG   : Revision: '0'
08-16 02:55:24.004  4726  4726 F DEBUG   : ABI: 'arm64'
08-16 02:55:24.004  4726  4726 F DEBUG   : Timestamp: 2020-08-16 02:55:24+0530
08-16 02:55:24.005  4726  4726 F DEBUG   : pid: 19089, tid: 19580, name: Thread-24  >>> com.celzero.bravedns <<<
08-16 02:55:24.005  4726  4726 F DEBUG   : uid: 10419
08-16 02:55:24.005  4726  4726 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x6d80003e7e0000
08-16 02:55:24.005  4726  4726 F DEBUG   :     x0  0000004000410000  x1  0000006f080e9e30  x2  000000400040fab0  x3  0000004000183980
08-16 02:55:24.005  4726  4726 F DEBUG   :     x4  0000000000000550  x5  0000004000293a10  x6  0000000000000001  x7  3e6d80003e7e0000
08-16 02:55:24.005  4726  4726 F DEBUG   :     x8  3e6d80003e7e0000  x9  000000400040fb38  x10 0000000000000001  x11 0000000000000000
08-16 02:55:24.005  4726  4726 F DEBUG   :     x12 0000000000000001  x13 0000006f753b49f0  x14 0000000000000000  x15 0000006f08185352
08-16 02:55:24.005  4726  4726 F DEBUG   :     x16 0000000000000028  x17 00000070087018b8  x18 0000006f068e6000  x19 000000400040fb38
08-16 02:55:24.005  4726  4726 F DEBUG   :     x20 0000004000410000  x21 000000400040fe68  x22 3e6d80003e7e0000  x23 0000000000000000
08-16 02:55:24.005  4726  4726 F DEBUG   :     x24 ffffffffff01ef34  x25 ffffffffdd15b299  x26 0000006f753b4a78  x27 0000000000000010
08-16 02:55:24.005  4726  4726 F DEBUG   :     x28 0000004000183980  x29 0000006f753b49e0
08-16 02:55:24.005  4726  4726 F DEBUG   :     sp  0000006f753b49c0  lr  0000006f080e9e48  pc  0000006f080e9e50
08-16 02:55:24.005  4726  4726 F DEBUG   :
08-16 02:55:24.005  4726  4726 F DEBUG   : backtrace:
08-16 02:55:24.005  4726  4726 F DEBUG   :       #00 pc 00000000005e3e50  /data/app/com.celzero.bravedns-5afKeEOsjeGWhPeagQnD6Q==/base.apk (offset 0x218000) (_cgo_00fc4845cc21_Cfunc_get_conn_key_val+32)

See #19 #26
@ignoramous
Copy link
Collaborator Author

Tombstones:

crash2.txt, crash1.txt

ignoramous referenced this issue in celzero/outline-go-tun2socks Aug 16, 2020
@ignoramous
RST firewalled tcp connections
73aef90 
A closer look reveals that core.tcpConn.Close isn't doing the
desired clean-up; and probably a core.tcpConn.Abort is a better
match to firewall a connection cleanly.

Calling core.tcpConn.Abort is better left to the downstream
caller. Returning a error from registered-tcp-handler does
in fact abort the connection as required.

Similar change for udp connections too, only that instead of
both closing the connection and returning an error, we err
on the side of just returning an error.

Ocassional SIGSEGVs originating deep in LwIP when firewalling
and de-firewalling connections hopefully now is put to bed.
@ignoramous ignoramous mentioned this issue Aug 22, 2020
Closed
@ignoramous
Copy link
Collaborator Author

Seeing different errors, but usually on-network-change events (and sometimes on mode changes for ex: dns-only to dns+firewall).

08-24 17:22:37.836 21706 21706 F libc    : Fatal signal 6 (SIGABRT), code -1 (SI_QUEUE) in tid 21706 (elzero.bravedns), pid 21706 (elzero.bravedns)
08-24 17:22:38.302  4574  4574 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
08-24 17:22:38.302  4574  4574 F DEBUG   : Build fingerprint: 'OnePlus/OnePlus6/OnePlus6:10/QKQ1.190716.003/2005052051:user/release-keys'
08-24 17:22:38.302  4574  4574 F DEBUG   : Revision: '0'                        
08-24 17:22:38.302  4574  4574 F DEBUG   : ABI: 'arm64'                         
08-24 17:22:38.321  4574  4574 F DEBUG   : Timestamp: 2020-08-24 17:22:38+0530  
08-24 17:22:38.321  4574  4574 F DEBUG   : pid: 21706, tid: 21706, name: elzero.bravedns  >>> com.celzero.bravedns <<<
08-24 17:22:38.321  4574  4574 F DEBUG   : uid: 10426                           
08-24 17:22:38.321  4574  4574 F DEBUG   : signal 6 (SIGABRT), code -1 (SI_QUEUE), fault addr --------
08-24 17:22:38.321  4574  4574 F DEBUG   :     x0  0000000000000000  x1  00000000000054ca  x2  0000000000000006  x3  0000007fc9cbcd70
08-24 17:22:38.321  4574  4574 F DEBUG   :     x4  000000000000000a  x5  000000000000000a  x6  000000000000000a  x7  000000000000000a
08-24 17:22:38.321  4574  4574 F DEBUG   :     x8  00000000000000f0  x9  9fe6c19f5d4ce6fc  x10 0000000000000001  x11 0000000000000000
08-24 17:22:38.321  4574  4574 F DEBUG   :     x12 fffffff0fffffbdf  x13 40736b636f73326e  x14 0000000000000000  x15 0000000000000000
08-24 17:22:38.321  4574  4574 F DEBUG   :     x16 00000074a27c38c0  x17 00000074a279f900  x18 00000074a8422000  x19 00000000000054ca
08-24 17:22:38.321  4574  4574 F DEBUG   :     x20 00000000000054ca  x21 00000000ffffffff  x22 0000000044c71000  x23 0000000000000001
08-24 17:22:38.321  4574  4574 F DEBUG   :     x24 00000000000044c7  x25 00000074a77a9020  x26 000000741180aef0  x27 0000000000000010
08-24 17:22:38.321  4574  4574 F DEBUG   :     x28 0000004000000480  x29 0000007fc9cbce10
08-24 17:22:38.321  4574  4574 F DEBUG   :     sp  0000007fc9cbcd50  lr  00000074a27510c4  pc  00000074a27510f0
08-24 17:22:38.327  4574  4574 F DEBUG   :                                      
08-24 17:22:38.327  4574  4574 F DEBUG   : backtrace:                           
08-24 17:22:38.327  4574  4574 F DEBUG   :       #00 pc 00000000000830f0  /apex/com.android.runtime/lib64/bionic/libc.so (abort+160) (BuildId: a6a4a6a4e20240bbe3173fe560b161af)
08-24 17:22:38.327  4574  4574 F DEBUG   :       #01 pc 00000000005ce7b8  /data/app/com.celzero.bravedns-aEHnFNTKgnIXwf-H1wZnqw==/base.apk (offset 0x20d000) (pbuf_free+252)

08-27 06:18:56.391 13319 32504 F libc    : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x3140000170048 in tid 32504 (startVpn-onNetw), pid 13319 (elzero.bravedns)
08-27 06:18:56.734 32632 32632 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
08-27 06:18:56.734 32632 32632 F DEBUG   : Build fingerprint: 'OnePlus/OnePlus6/OnePlus6:10/QKQ1.190716.003/2005052051:user/release-keys'
08-27 06:18:56.734 32632 32632 F DEBUG   : Revision: '0'                        
08-27 06:18:56.734 32632 32632 F DEBUG   : ABI: 'arm64'                         
08-27 06:18:56.734 32632 32632 F DEBUG   : Timestamp: 2020-08-27 06:18:56+0530  
08-27 06:18:56.734 32632 32632 F DEBUG   : pid: 13319, tid: 32504, name: startVpn-onNetw  >>> com.celzero.bravedns <<<
08-27 06:18:56.734 32632 32632 F DEBUG   : uid: 10427                           
08-27 06:18:56.734 32632 32632 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x3140000170048
08-27 06:18:56.734 32632 32632 F DEBUG   :     x0  0303140000170032  x1  00000073b0d99f00  x2  00000040006d1b10  x3  0000004000000480
08-27 06:18:56.734 32632 32632 F DEBUG   :     x4  00000000000004f0  x5  0000004000000690  x6  0000000000000001  x7  00000073b0d99f00
08-27 06:18:56.734 32632 32632 F DEBUG   :     x8  000000006f0a8c41  x9  00000074156ff400  x10 0000000000000005  x11 0000000000000000
08-27 06:18:56.734 32632 32632 F DEBUG   :     x12 000000741561f3f0  x13 0000007372edce80  x14 000000737272b550  x15 000000737272b560
08-27 06:18:56.734 32632 32632 F DEBUG   :     x16 00000074a27c3940  x17 00000074a274d380  x18 00000073560ca000  x19 0000000000000000
08-27 06:18:56.734 32632 32632 F DEBUG   :     x20 0303140000170032  x21 000000003a99095e  x22 000000002e86cf7d  x23 0000000000000001
08-27 06:18:56.734 32632 32632 F DEBUG   :     x24 000000000000bb01  x25 0000007372ede020  x26 00000074119caef0  x27 0000000000000010
08-27 06:18:56.734 32632 32632 F DEBUG   :     x28 0000004000000480  x29 0000007372edcdc0
08-27 06:18:56.734 32632 32632 F DEBUG   :     sp  0000007372edcdb0  lr  000000741181c4e8  pc  00000074118166e4
08-27 06:18:56.734 32632 32632 F DEBUG   :                                      
08-27 06:18:56.734 32632 32632 F DEBUG   : backtrace:                           
08-27 06:18:56.734 32632 32632 F DEBUG   :       #00 pc 00000000005ce6e4  /data/app/com.celzero.bravedns-CufiMjhMGw22Z2dMITTowQ==/base.apk (offset 0x21b000) (pbuf_free+40)

08-27 21:04:06.183 32731 32731 F libc    : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x428e00000000001f in tid 32731 (elzero.bravedns), pid 32731 (elzero.bravedns)
08-27 21:04:06.619 19088 19088 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
08-27 21:04:06.619 19088 19088 F DEBUG   : Build fingerprint: 'OnePlus/OnePlus6/OnePlus6:10/QKQ1.190716.003/2005052051:user/release-keys'
08-27 21:04:06.619 19088 19088 F DEBUG   : Revision: '0'                        
08-27 21:04:06.619 19088 19088 F DEBUG   : ABI: 'arm64'                         
08-27 21:04:06.620 19088 19088 F DEBUG   : Timestamp: 2020-08-27 21:04:06+0530  
08-27 21:04:06.620 19088 19088 F DEBUG   : pid: 32731, tid: 32731, name: elzero.bravedns  >>> com.celzero.bravedns <<<
08-27 21:04:06.620 19088 19088 F DEBUG   : uid: 10427                           
08-27 21:04:06.620 19088 19088 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x428e00000000001f
08-27 21:04:06.620 19088 19088 F DEBUG   :     x0  42bc00000000001c  x1  0000000000000001  x2  0000004000050b10  x3  0000004000000480
08-27 21:04:06.620 19088 19088 F DEBUG   :     x4  00000000000004f0  x5  0000004000000690  x6  0000000000000001  x7  0000007407907300
08-27 21:04:06.620 19088 19088 F DEBUG   :     x8  0000000000000000  x9  0000004000050b98  x10 0000000000000007  x11 0000000000000008
08-27 21:04:06.620 19088 19088 F DEBUG   :     x12 000000002abb8cc0  x13 0000007fc9ccda70  x14 0000000000000012  x15 0000000000000014
08-27 21:04:06.620 19088 19088 F DEBUG   :     x16 00000074a27c38f0  x17 00000074a27b5070  x18 00000074a8422000  x19 0000007407907300
08-27 21:04:06.620 19088 19088 F DEBUG   :     x20 00000074a7665480  x21 0000000000000000  x22 0000000000000000  x23 0000000000000000
08-27 21:04:06.620 19088 19088 F DEBUG   :     x24 0000000000000000  x25 428e00000000001f  x26 00000073adf48ef0  x27 0000000000000010
08-27 21:04:06.620 19088 19088 F DEBUG   :     x28 0000004000000480  x29 0000007fc9ccda60
08-27 21:04:06.621 19088 19088 F DEBUG   :     sp  0000007fc9ccda10  lr  00000073ada73008  pc  00000073add97ffc
08-27 21:04:06.621 19088 19088 F DEBUG   :                                      
08-27 21:04:06.621 19088 19088 F DEBUG   : backtrace:                           
08-27 21:04:06.621 19088 19088 F DEBUG   :       #00 pc 00000000005d1ffc  /data/app/com.celzero.bravedns-CufiMjhMGw22Z2dMITTowQ==/base.apk (offset 0x21b000) (tcp_abandon+312)
--------- beginning of system

@ignoramous
Copy link
Collaborator Author

Moar:

09-03 12:27:01.338 17449 17552 F libc    : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x43cdcccd442b8056 in tid 17552 (Thread-8), pid 17449 (elzero.bravedns)
09-03 12:27:01.695 16759 16759 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
09-03 12:27:01.696 16759 16759 F DEBUG   : Build fingerprint: 'Xiaomi/laurel_sprout/laurel_sprout:10/QKQ1.190910.002/V11.0.20.0.QFQMIXM:user/release-keys'
09-03 12:27:01.696 16759 16759 F DEBUG   : Revision: '0'                        
09-03 12:27:01.696 16759 16759 F DEBUG   : ABI: 'arm64'                         
09-03 12:27:01.696 16759 16759 F DEBUG   : Timestamp: 2020-09-03 12:27:01+0530  
09-03 12:27:01.696 16759 16759 F DEBUG   : pid: 17449, tid: 17552, name: Thread-8  >>> com.celzero.bravedns <<<
09-03 12:27:01.696 16759 16759 F DEBUG   : uid: 10716                           
09-03 12:27:01.696 16759 16759 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x43cdcccd442b8056
09-03 12:27:01.696 16759 16759 F DEBUG   :     x0  0000000000000000  x1  00000074d26b7a80  x2  0000000000000010  x3  0000000000000007
09-03 12:27:01.696 16759 16759 F DEBUG   :     x4  00000074d26b7c50  x5  00000074fa870fd0  x6  0000004000042a80  x7  00000074fb0b7a00
09-03 12:27:01.696 16759 16759 F DEBUG   :     x8  0000000000000000  x9  0000000000004058  x10 0000000000000005  x11 0000000000000070
09-03 12:27:01.696 16759 16759 F DEBUG   :     x12 0000000004bedaa0  x13 0000000000000000  x14 0000000000000012  x15 0000000000000014
09-03 12:27:01.696 16759 16759 F DEBUG   :     x16 00000075f1d008f0  x17 00000075f1cf2070  x18 00000074d0e16000  x19 43cdcccd442b8000
09-03 12:27:01.697 16759 16759 F DEBUG   :     x20 00000074fb0b7000  x21 00000074fb0b7aa0  x22 00000074fb0b7ab0  x23 43cdcccd442b8000
09-03 12:27:01.697 16759 16759 F DEBUG   :     x24 00000074fb0b7aa0  x25 00000074fab9c324  x26 0000000000000000  x27 0000000000000010
09-03 12:27:01.697 16759 16759 F DEBUG   :     x28 0000004000001380  x29 00000074d26b7bd0
09-03 12:27:01.697 16759 16759 F DEBUG   :     sp  00000074d26b7ba0  lr  00000074fab95390  pc  00000074fab95344
09-03 12:27:01.701 16759 16759 F DEBUG   :                                      
09-03 12:27:01.701 16759 16759 F DEBUG   : backtrace:                           
09-03 12:27:01.702 16759 16759 F DEBUG   :       #00 pc 00000000005d1344  /data/app/com.celzero.bravedns-Nbr5N6Zwph0vP-wLoIRS6A==/base.apk (offset 0xc000) (tcp_fasttmr+76)

09-03 14:27:08.322 17406 17448 F libc    : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x19cb3ec4100f1c3b in tid 17448 (Thread-18), pid 17406 (elzero.bravedns)
09-03 14:27:08.562  9633  9633 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
09-03 14:27:08.562  9633  9633 F DEBUG   : Build fingerprint: 'Xiaomi/laurel_sprout/laurel_sprout:10/QKQ1.190910.002/V11.0.20.0.QFQMIXM:user/release-keys'
09-03 14:27:08.562  9633  9633 F DEBUG   : Revision: '0'                        
09-03 14:27:08.562  9633  9633 F DEBUG   : ABI: 'arm64'                         
09-03 14:27:08.563  9633  9633 F DEBUG   : Timestamp: 2020-09-03 14:27:08+0530  
09-03 14:27:08.563  9633  9633 F DEBUG   : pid: 17406, tid: 17448, name: Thread-18  >>> com.celzero.bravedns <<<
09-03 14:27:08.563  9633  9633 F DEBUG   : uid: 10716                           
09-03 14:27:08.563  9633  9633 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x19cb3ec4100f1c3b
09-03 14:27:08.563  9633  9633 F DEBUG   :     x0  000000755f1e1c00  x1  00000074fb3a6cd4  x2  00000040006efeb0  x3  0000004000001380
09-03 14:27:08.563  9633  9633 F DEBUG   :     x4  0000000000000150  x5  00000040000ac390  x6  0000000000000001  x7  000000755f1e1c00
09-03 14:27:08.563  9633  9633 F DEBUG   :     x8  ffa574b2b7527bc7  x9  00000040006eff38  x10 00000040003c6d5f  x11 0000000000001000
09-03 14:27:08.563  9633  9633 F DEBUG   :     x12 0000000000000001  x13 00000074d0eb7c40  x14 0000000000000000  x15 00000074fb4422e6
09-03 14:27:08.563  9633  9633 F DEBUG   :     x16 0000000000000000  x17 0000000000000000  x18 00000074d0bd4000  x19 000000755f1e1c00
09-03 14:27:08.563  9633  9633 F DEBUG   :     x20 19cb3ec4100f1c26  x21 0000004000042a80  x22 0000000000000001  x23 39fdef47caf6d0e5
09-03 14:27:08.563  9633  9633 F DEBUG   :     x24 2d83470e96554d2a  x25 ec1e088780ac4dba  x26 00000074d0eb7b58  x27 0000000000000010
09-03 14:27:08.563  9633  9633 F DEBUG   :     x28 0000004000001380  x29 00000074d0eb7c00
09-03 14:27:08.563  9633  9633 F DEBUG   :     sp  00000074d0eb7be0  lr  00000074fb3a6cfc  pc  00000074fb398744
09-03 14:27:08.577  9633  9633 F DEBUG   :                                      
09-03 14:27:08.577  9633  9633 F DEBUG   : backtrace:                           
09-03 14:27:08.577  9633  9633 F DEBUG   :       #00 pc 00000000005d4744  /data/app/com.celzero.bravedns-Nbr5N6Zwph0vP-wLoIRS6A==/base.apk (offset 0xc000) (tcp_process_refused_data+32)

09-03 15:20:44.989 12705 12758 F libc    : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xd3f309c2fe4c7 in tid 12758 (Thread-9), pid 12705 (elzero.bravedns)
09-03 15:20:45.310 30094 30094 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
09-03 15:20:45.311 30094 30094 F DEBUG   : Build fingerprint: 'Xiaomi/laurel_sprout/laurel_sprout:10/QKQ1.190910.002/V11.0.20.0.QFQMIXM:user/release-keys'
09-03 15:20:45.311 30094 30094 F DEBUG   : Revision: '0'                        
09-03 15:20:45.311 30094 30094 F DEBUG   : ABI: 'arm64'                         
09-03 15:20:45.312 30094 30094 F DEBUG   : Timestamp: 2020-09-03 15:20:45+0530  
09-03 15:20:45.312 30094 30094 F DEBUG   : pid: 12705, tid: 12758, name: Thread-9  >>> com.celzero.bravedns <<<
09-03 15:20:45.312 30094 30094 F DEBUG   : uid: 10716                           
09-03 15:20:45.312 30094 30094 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xd3f309c2fe4c7
09-03 15:20:45.312 30094 30094 F DEBUG   :     x0  000000755f087100  x1  00000074fb3a6cd4  x2  0000004000619eb0  x3  0000004000000d80
09-03 15:20:45.312 30094 30094 F DEBUG   :     x4  0000000000000150  x5  000000400034e090  x6  0000000000000001  x7  000000755f087100
09-03 15:20:45.312 30094 30094 F DEBUG   :     x8  903efed19fba3e48  x9  0000004000619f38  x10 00000040003004bf  x11 0000000000001000
09-03 15:20:45.312 30094 30094 F DEBUG   :     x12 0000000000000001  x13 00000074d1fb4c40  x14 0000000000000000  x15 00000074fb4422e6
09-03 15:20:45.312 30094 30094 F DEBUG   :     x16 0000000000000000  x17 0000000000000000  x18 00000074d1564000  x19 000000755f087100
09-03 15:20:45.312 30094 30094 F DEBUG   :     x20 420d3f309c2fe4b2  x21 0000004000042700  x22 0000000000000001  x23 c3373b36b748eafc
09-03 15:20:45.312 30094 30094 F DEBUG   :     x24 265efa62750bf355  x25 60b70af8a3624027  x26 0000004000619e48  x27 0000000000000010
09-03 15:20:45.312 30094 30094 F DEBUG   :     x28 0000004000000d80  x29 00000074d1fb4c00
09-03 15:20:45.312 30094 30094 F DEBUG   :     sp  00000074d1fb4be0  lr  00000074fb3a6cfc  pc  00000074fb398744
09-03 15:20:45.324 30094 30094 F DEBUG   :                                      
09-03 15:20:45.324 30094 30094 F DEBUG   : backtrace:                           
09-03 15:20:45.324 30094 30094 F DEBUG   :       #00 pc 00000000005d4744  /data/app/com.celzero.bravedns-Nbr5N6Zwph0vP-wLoIRS6A==/base.apk (offset 0xc000) (tcp_process_refused_data+32)

@ignoramous ignoramous self-assigned this Sep 3, 2020
@hussainmohd-a
Copy link
Collaborator

Happened during screen off

09-03 21:18:45.579  1265  1265 V SettingsProvider: Notifying for 0: content://settings/system/rading_mode_status_auto
09-03 21:18:45.821 29356 29356 F libc    : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x429b333300000000 in tid 29356 (elzero.bravedns), pid 29356 (elzero.bravedns)
09-03 21:18:45.832  1265  1853 D ConnectivityService: reportNetworkConnectivity(216, false) by 10027
09-03 21:18:45.834  1265 28272 I WifiService: countryCode: IN
09-03 21:18:45.936  1265 28272 I WifiService: countryCode: IN
09-03 21:18:45.942  1265  1405 W BroadcastQueue: Background execution not allowed: receiving Intent { act=android.net.conn.NETWORK_CONDITIONS_MEASURED flg=0x10 (has extras) } to com.google.android.gms/.chimera.GmsIntentOperationService$PersistentTrustedReceiver
09-03 21:18:45.945  1265  1853 D ConnectivityService: NetworkAgentInfo [WIFI () - 216] validation passed
09-03 21:18:46.024 28283 28283 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
09-03 21:18:46.024 28283 28283 F DEBUG   : Build fingerprint: 'OnePlus/OnePlus6/OnePlus6:10/QKQ1.190716.003/2005052051:user/release-keys'
09-03 21:18:46.024 28283 28283 F DEBUG   : Revision: '0'
09-03 21:18:46.024 28283 28283 F DEBUG   : ABI: 'arm64'
09-03 21:18:46.026 28283 28283 F DEBUG   : Timestamp: 2020-09-03 21:18:46+0530
09-03 21:18:46.026 28283 28283 F DEBUG   : pid: 29356, tid: 29356, name: elzero.bravedns  >>> com.celzero.bravedns <<<
09-03 21:18:46.026 28283 28283 F DEBUG   : uid: 10427
09-03 21:18:46.026 28283 28283 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x429b333300000000
09-03 21:18:46.026 28283 28283 F DEBUG   :     x0  0000004000051000  x1  00000078f2924dc0  x2  0000004000050810  x3  0000004000000480
09-03 21:18:46.026 28283 28283 F DEBUG   :     x4  00000000000007f0  x5  0000004000000690  x6  0000000000000001  x7  429b333300000000
09-03 21:18:46.026 28283 28283 F DEBUG   :     x8  429b333300000000  x9  0000004000050898  x10 0000000000000001  x11 0000000000000000
09-03 21:18:46.026 28283 28283 F DEBUG   :     x12 000000003367cf48  x13 0000007fc8538640  x14 0000000000000012  x15 0000000000000014
09-03 21:18:46.026 28283 28283 F DEBUG   :     x16 0000000000000010  x17 00000079e88c08b8  x18 00000079ee76a000  x19 0000004000050898
09-03 21:18:46.026 28283 28283 F DEBUG   :     x20 0000004000051000  x21 0000004000050ac8  x22 0000007fc8538c00  x23 0000007956db26bb
09-03 21:18:46.026 28283 28283 F DEBUG   :     x24 0000000000000004  x25 00000079ed628020  x26 0000007fc85386c8  x27 0000000000000010
09-03 21:18:46.026 28283 28283 F DEBUG   :     x28 0000004000000480  x29 0000007fc8538630
09-03 21:18:46.026 28283 28283 F DEBUG   :     sp  0000007fc8538610  lr  00000078f2924dd8  pc  00000078f2924de0
09-03 21:18:46.026 28283 28283 F DEBUG   :
09-03 21:18:46.026 28283 28283 F DEBUG   : backtrace:
09-03 21:18:46.026 28283 28283 F DEBUG   :       #00 pc 00000000005e2de0  /data/app/com.celzero.bravedns-CufiMjhMGw22Z2dMITTowQ==/base.apk (offset 0x21b000) (_cgo_00fc4845cc21_Cfunc_get_conn_key_val+32)
09-03 21:18:46.723  1265 28289 I DropBoxManagerService: add tag=data_app_native_crash isTagEnabled=true flags=0x2

@ignoramous
Copy link
Collaborator Author

Get this fix in: eycorsican/go-tun2socks/commit/3898cb0a0.

ignoramous added a commit to celzero/outline-go-tun2socks that referenced this issue Sep 4, 2020
@ignoramous
Udpate go-tun2socks to v1.16.11
eabbf1c 
New release contains a fixe for double-free on tcp process-control-block

celzero/rethink-app#32
@ignoramous
Copy link
Collaborator Author

When the tunnel is disconnected after 20+ hours, SIGSEGV/SEG_MAPERR still shows up. Likely something to do with TCP connections cleanup?

hussainmohd-a added a commit that referenced this issue Sep 7, 2020
@hussainmohd-a
Connection tracking implementation and various issue fixes 0.4.4
c763dd6 
Connection Tracking :
Network monitor screen performance has been improved. New schema has been introduced to handle the changes. Now user has provision to search by app name and IP address. Filtering of logs based on blocked/all is implemented. Provision to delete the logs from network monitor.
Some of the features are yet to be implemented.

Bug FIxes:

* Samsung Minor bug fix - Introduced the INTERACT_ACROSS_USERS permission for samsung devices.
Always-on -  prompt is shown now when user taps the 'Start' button.

* Background Apps - Universal firewall for allow apps on background logic is changed. Now the uid's which are in range from APP_START to APP_END is included. Now it works as originally intended.
#65

* Lwip Fix - A critical stability fix that caused frequent app crashes in the background.
#32

* Accessbility Services - On-Interuppt method was not handled properly earlier.
#75

* In Firewall screen the warning text for System apps in included.
#70

* App crashes when other VPN is in active - Application state is now properly updated so that it can handle the other VPN active scenarios.

* Right-to-Left languages - UI changes. The Home screen's 'Start' button and about page UI modifications to support rtl languages.

* Firewall crash - app crash when there is change in installed/system packages. Now the app list is refreshed based on the app changes. When a new app in installed/modified/removed the list will be refreshed with the current data.

* Auto-start - auto start of application is now been disabled. Will introduce advanced settings on later versions to enable/disable the auto start of app during phone boot updated
#41
@ignoramous ignoramous mentioned this issue Sep 17, 2020
Closed
@ignoramous
Copy link
Collaborator Author

go-tun2socks occasionally crashes with SIGSEGVs, but it isn't as frequent with v1.16.11 anymore.

See #79

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ignoramous ignoramous

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ignoramous @hussainmohd-a