Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#3406 closed defect (fixed)

[Adblock Browser for Android] Crash after updating to Android 6.0.1

Reported by: Water Assignee: rjeschke
Priority: P1 Milestone: Adblock-Browser-for-Android-1.1.1
Module: Adblock-Browser-for-Android Keywords:
Cc: fhd, rjeschke, greiner Blocked By:
Blocking: Platform: Adblock Browser for Android
Ready: yes Confidential: no
Tester: Unknown Verified working: no
Review URL(s):

https://codereview.adblockplus.org/29334661/

Description (last modified by philll)

Environment

LG Google Nexus 5 D820
Android 6.0.1
Adblock Browser for Android 1.1.0

Original reports: https://adblockplus.org/forum/viewtopic.php?f=24&t=43005

How to reproduce

  1. Update to Android 6.0.1
  2. Install Adblock Browser for Android and launch it
  3. The browser crashes after a few second.

Observed behaviour

The browser crashes after a few seconds every time I launch it.

Expected behaviour

The browser doesn't crash when launching the application or accessing menus on Android 6.0.1

Change History (19)

comment:1 Changed 4 years ago by mapx

  • Cc fhd rjeschke added

comment:2 Changed 4 years ago by philll

  • Description modified (diff)

I played around with ABB 1.1.0 from the play store on a Nexus 7 at Andoird 6.0.1 but could not trigger any crash by browsing some random websites. I also tried closing and reopening ABB without having seen it crash so far.

comment:3 Changed 4 years ago by greiner

  • Cc greiner added

comment:4 Changed 4 years ago by fhd

  • Owner set to fhd
  • Priority changed from Unknown to P1
  • Ready set

Thanks for reporting! It's easily reproducible on a Nexus 9 running Android 6.0.1 - always reliably crashes after a few seconds. Logcat output is pretty useless, just a segfault. Will investigate this.

comment:5 Changed 4 years ago by fhd

Tried to reproduce this in Firefox 40.0 (on which Adblock Browser 1.1.0 is based), no luck, works fine. Also not reproducible in 39.0 and 42.0, but that part is less surprising. So I'm pretty sure this is not an upstream issue and a #3127 won't fix it. I'll try to reproduce it with a build that includes #3127, though.

comment:6 Changed 4 years ago by fhd

Did some regression testing on the side (takes forever because of the build times, unfortunately). Results so far:

  • Reproducible with revision 42e1f5902f6e (current head)
  • Not reproducible with revision 55cf10e7e5d (revision of Firefox ABB is based on, none of our changes)
  • Not reproducible with revision 0bbfbbb58a05 (early version of ABB, without settings integration)
  • Not reproducible with revision 99ef854ccbcd (first version of ABB with settings integration and the AddOnBridge)

I'll do some more of that...

comment:7 Changed 4 years ago by fhd

I was able to reproduce the issue with revision 4f9cda4a317b (last revision before the upstream merge of Firefox 40).

Last edited 4 years ago by fhd (previous) (diff)

comment:8 Changed 4 years ago by fhd

Seems like it isn't related to the Firefox 39 upstream merge either:

  • Not reproducible with revision 8946e96bea48 (last revision before the Firefox 39 upstream merge)
  • Not reproducible with revision 548d5ec5fb37 (Firefox 39 upstream merge)

Means the issue is somewhere between revision 548d5ec5fb37 and 4f9cda4a317b.

Last edited 4 years ago by fhd (previous) (diff)

comment:9 Changed 4 years ago by fhd

Getting closer, reproducible with revision b6f6fb0b2d1e.

comment:10 Changed 4 years ago by fhd

Alright, reproducible with revision b53436dd2098. That's right after 548d5ec5fb37, so it appears to be the culprit.

The bad news is that all this change does is disable the ABP extension. So it most likely has to do with something ABP does, or the way we integrate it, or communicate with it. There's a variety of possible issues there.

Now testing with 42e1f5902f6e, with b53436dd2098 backed out, then we'll know for sure.

comment:11 Changed 4 years ago by fhd

Yup, that's the culprit, the way we bundle ABP.

comment:12 Changed 4 years ago by fhd

Sorry for the delays here, I have been unable to concentrate on this for a few hours in a row for the past few weeks... Today I finally managed, and found the culprit.

This line in buildtools (in the ABP extension) causes it: https://hg.adblockplus.org/buildtools/file/97e2e12af6e8/lib/prefs.js#l23

This sends a synchronous XHR to a local file, defaults/prefs.json. When replacing that request with just an inlined version of that file, it all seems to work fine.

Not sure what this has to do with Android 6 yet, and I'm not sure if we get around to this, but at least we can implement a workaround now. I'll create a build with a fix for the testers so they can double check that this fixes it on all affected devices.

comment:13 Changed 4 years ago by amw

I'm a Nexus 9, Android 6.0.1 user observing the same crashes. Let me know when the bug is fixed so I can reinstall again. Thanks!

comment:14 Changed 4 years ago by fhd

After testing this some more, I noticed that there are still crashes happening, presumably on filter list update. I'll investigate...

comment:15 Changed 4 years ago by rjeschke

No more crashing here on startup. I started debugging from a clean tip of adblockbrowser and here are my findings:

  1. There was a bug in the OpenGL helpers initialization, GetIntField was called, when it should be GetLongField, this caused a 100% crash on startup. This bug was already fixed by Mozilla on 2015-07-10: https://bugzilla.mozilla.org/show_bug.cgi?id=1172567

The fix is to change the statement in widget/android/AndroidBridge.cpp at
line 743 from:

return reinterpret_cast<EGLSurface>(
        env->GetIntField(eglSurface.Get(), jEGLSurfacePointerField));

to:

return reinterpret_cast<EGLSurface>(mAPIVersion >= 20 ?
        env->GetLongField(eglSurface.Get(), jEGLSurfacePointerField) :
        env->GetIntField(eglSurface.Get(), jEGLSurfacePointerField));
  1. The libc.so/memcmp bug originated in the BgHangManager thread. The call to ThreadStackHelper.GetNativeStack(stack); on perma-hangs was the culprit. This bug was already fixed by Mozilla on 2015-09-18: https://bugzilla.mozilla.org/show_bug.cgi?id=1196381

The fix is to comment out the following lines in xpcom/threads/ThreadStackHelper.cpp

Start: line 420 -> CodeModulesProvider modulesProvider;
End: line 476 -> '}' just before the #endif

comment:16 Changed 4 years ago by rjeschke

  • Review URL(s) modified (diff)
  • Status changed from new to reviewing

comment:17 Changed 4 years ago by fhd

  • Owner changed from fhd to rjeschke

Assigning to René since he's the one who ended up fixing this :)

comment:18 Changed 4 years ago by fhd

  • Milestone set to Adblock-Browser-for-Android-next
  • Resolution set to fixed
  • Status changed from reviewing to closed

Landed: https://hg.adblockplus.org/adblockbrowser/rev/6ca822ca5b23

We're planning to do a fix release with this on Tuesday.

comment:19 Changed 4 years ago by rjeschke

  • Component changed from Unknown to Adblock-Browser-for-Android
Note: See TracTickets for help on using tickets.