Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

conscrypt_jni.so crash on version 2.5.3 #1268

Open
kenneth-leong-gt opened this issue Dec 5, 2024 · 4 comments
Open

conscrypt_jni.so crash on version 2.5.3 #1268

kenneth-leong-gt opened this issue Dec 5, 2024 · 4 comments

Comments

@kenneth-leong-gt
Copy link

Suddenly getting a conscrypt jni crash when upgrading to version 2.5.3. below is the stack trace.

Happens on both emulator and physical device.

Emulator: Android SDK 35
Physical device: Android SDK 30

I notice this issue only occurs when i add conscrypt as a security provider. like below.
Security.insertProviderAt(Conscrypt.newProviderBuilder().setName("CONSCRYPT_PROVIDER_NAME").build(), 1)

and subsequently setting a keyEntry into AndroidKeystore. Version 2.5.2 did not have this issue.

*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: 'google/sdk_gphone64_x86_64/emu64xa:15/AE3A.240806.005/12228598:userdebug/dev-keys'
Revision: '0'
ABI: 'x86_64'
Timestamp: 2024-12-05 17:53:47.419575575+0800
Process uptime: 23s
Cmdline: sg.ndi.sp.dev
pid: 6374, tid: 6460, name: DefaultDispatch  >>> sg.ndi.sp.dev <<<
uid: 10208
signal 6 (SIGABRT), code -1 (SI_QUEUE), fault addr --------
    rax 0000000000000000  rbx 00007ed24d7f9b08  rcx 00007ed581cc4b90  rdx 0000000000000006
    r8  0001000400000000  r9  0001000400000000  r10 00007ed24d7f9b10  r11 0000000000000213
    r12 00007ed35a22a138  r13 00007ed4ca22caf8  r14 00000000000018e6  r15 000000000000193c
    rdi 00000000000018e6  rsi 000000000000193c
    rbp 0000000000000004  rsp 00007ed24d7f9b00  rip 00007ed581cc4b90
135 total frames
backtrace:
      #00 pc 000000000005cb90  /apex/com.android.runtime/lib64/bionic/libc.so (abort+192) (BuildId: eb58b4d427279994f00c0e1818477e4f)
      #01 pc 000000000017df62  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/split_config.x86_64.apk!libconscrypt_jni.so (offset 0x680000) (X509_NAME_print+306) (BuildId: 3621658b2843172a3cbf7731edb2012b0d1ef383)
      #02 pc 000000000017d374  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/split_config.x86_64.apk!libconscrypt_jni.so (offset 0x680000) (X509_print_ex+1124) (BuildId: 3621658b2843172a3cbf7731edb2012b0d1ef383)
      #03 pc 00000000000778ea  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/split_config.x86_64.apk!libconscrypt_jni.so (offset 0x680000) (BuildId: 3621658b2843172a3cbf7731edb2012b0d1ef383)
      #04 pc 000000000022b5eb  /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+219) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #05 pc 00000000002124b6  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+806) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #06 pc 0000000000474c24  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #07 pc 00000000005fa027  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<true>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2231) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #08 pc 00000000002335af  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+16111) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #09 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #10 pc 00000000001a260c  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (org.conscrypt.OpenSSLX509Certificate.toString+0)
      #11 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #12 pc 0000000000987e6e  /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+958) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #13 pc 000000000022b77c  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+140) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #14 pc 00000000000cfc15  [anon_shmem:dalvik-jit-code-cache] (offset 0x2000000) (java.lang.String.valueOf+165)
      #15 pc 00000000002124b6  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+806) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #16 pc 0000000000474c24  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #17 pc 00000000005f92f3  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2339) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #18 pc 0000000000233364  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+15524) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #19 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #20 pc 000000000010eb14  /apex/com.android.art/javalib/core-oj.jar (java.lang.StringBuilder.append+0)
      #21 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #22 pc 00000000005f85f7  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+103) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #23 pc 00000000005f92d9  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2313) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #24 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #25 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #26 pc 00000000000198e0  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (sg.ndi.security.NdiSecurity.storeSignedCertificate+0)
      #27 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #28 pc 00000000005f85f7  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+103) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #29 pc 00000000005f92d9  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2313) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #30 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #31 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #32 pc 0000000000019048  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (sg.ndi.security.NdiSecurity.saveCertificate+0)
      #33 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #34 pc 00000000005f85f7  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+103) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #35 pc 00000000005f92d9  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2313) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #36 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #37 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #38 pc 0000000000057e94  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (sg.ndi.viewModel.DiagnosticFragmentViewModel.signCsrGenerateAndSaveCertificate+0)
      #39 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #40 pc 00000000005f85f7  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+103) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #41 pc 00000000005fa00d  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<true>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2205) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #42 pc 0000000000233063  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14755) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #43 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #44 pc 0000000000057740  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (sg.ndi.viewModel.DiagnosticFragmentViewModel.generateCsr+0)
      #45 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #46 pc 00000000005f85f7  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+103) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #47 pc 00000000005f92d9  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2313) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #48 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #49 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #50 pc 0000000000057a7c  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (sg.ndi.viewModel.DiagnosticFragmentViewModel.generateKey+0)
      #51 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #52 pc 00000000005f85f7  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+103) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #53 pc 00000000005f92d9  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2313) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #54 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #55 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #56 pc 00000000000574b8  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (sg.ndi.viewModel.DiagnosticFragmentViewModel.access$generateKey+0)
      #57 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #58 pc 00000000005f85f7  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+103) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #59 pc 00000000005f92d9  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2313) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #60 pc 0000000000233364  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+15524) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #61 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #62 pc 0000000000056254  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (sg.ndi.viewModel.DiagnosticFragmentViewModel$startDiagnostics$1.invokeSuspend+0)
      #63 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #64 pc 0000000000987e6e  /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+958) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #65 pc 000000000022b77c  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+140) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #66 pc 00000000005f3751  [anon_shmem:dalvik-jit-code-cache] (offset 0x2000000) (kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith+273)
      #67 pc 0000000000212154  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+756) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #68 pc 0000000000474bf5  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+181) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #69 pc 00000000005f92f3  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2339) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #70 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #71 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #72 pc 0000000000283214  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (kotlinx.coroutines.UndispatchedCoroutine.afterResume+0)
      #73 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #74 pc 0000000000987e6e  /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+958) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #75 pc 000000000022b77c  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+140) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #76 pc 00000000008834dd  [anon_shmem:dalvik-jit-code-cache] (offset 0x2000000) (kotlinx.coroutines.AbstractCoroutine.resumeWith+333)
      #77 pc 00000000005f387d  [anon_shmem:dalvik-jit-code-cache] (offset 0x2000000) (kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith+573)
      #78 pc 0000000000212154  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+756) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #79 pc 0000000000474bf5  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+181) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #80 pc 00000000005f92f3  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2339) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #81 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #82 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #83 pc 00000000002b9a8c  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (kotlinx.coroutines.internal.ScopeCoroutine.afterResume+0)
      #84 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #85 pc 0000000000987e6e  /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+958) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #86 pc 000000000022b77c  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+140) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #87 pc 00000000008834dd  [anon_shmem:dalvik-jit-code-cache] (offset 0x2000000) (kotlinx.coroutines.AbstractCoroutine.resumeWith+333)
      #88 pc 00000000005f387d  [anon_shmem:dalvik-jit-code-cache] (offset 0x2000000) (kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith+573)
      #89 pc 00000000005f2d05  [anon_shmem:dalvik-jit-code-cache] (offset 0x2000000) (kotlinx.coroutines.DispatchedTask.run+1317)
      #90 pc 0000000000212154  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+756) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #91 pc 0000000000474bf5  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+181) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #92 pc 00000000005f92f3  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2339) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #93 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #94 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #95 pc 00000000002b7104  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (kotlinx.coroutines.internal.LimitedDispatcher$Worker.run+0)
      #96 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #97 pc 00000000005f85f7  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+103) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #98 pc 00000000005f92d9  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2313) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #99 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #100 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #101 pc 00000000002be6b0  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (kotlinx.coroutines.scheduling.TaskImpl.run+0)
      #102 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #103 pc 00000000005f85f7  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+103) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #104 pc 00000000005f92d9  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2313) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #105 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #106 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #107 pc 00000000002bddc8  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely+0)
      #108 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #109 pc 00000000005f85f7  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+103) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #110 pc 00000000005f92d9  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2313) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #111 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #112 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #113 pc 00000000002bc83c  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask+0)
      #114 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #115 pc 00000000005f85f7  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+103) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #116 pc 00000000005f92d9  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2313) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #117 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #118 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #119 pc 00000000002bc9b0  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker+0)
      #120 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #121 pc 00000000005f85f7  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+103) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #122 pc 00000000005f92d9  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2313) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #123 pc 0000000000233101  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+14913) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #124 pc 000000000022d2e5  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #125 pc 00000000002bc998  /data/app/~~8RqBNHEbQQhEORwhGUwjYw==/sg.ndi.sp.dev-642NZurFC_akOOQXeut_MQ==/base.apk (kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run+0)
      #126 pc 00000000005f1de9  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238)+505) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #127 pc 0000000000987e6e  /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+958) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #128 pc 000000000022b77c  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+140) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #129 pc 0000000000212154  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+756) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #130 pc 0000000000474bf5  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+181) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #131 pc 00000000008c5cc3  /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1427) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #132 pc 00000000008c5725  /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallbackWithUffdGc(void*)+5) (BuildId: 62338b1c62e3991543c9b8b8bae2b361)
      #133 pc 000000000006d62a  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+58) (BuildId: eb58b4d427279994f00c0e1818477e4f)
      #134 pc 0000000000060348  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+56) (BuildId: eb58b4d427279994f00c0e1818477e4f)
Tombstone written to: tombstone_02
null2264 added a commit to null2264/yokai that referenced this issue Dec 10, 2024
@null2264
fix(deps): Downgrade dependency org.conscrypt:conscrypt-android to v2…
05b20e0 
….5.2

REF: google/conscrypt#1268
This was referenced Feb 1, 2025
Closed
Closed
@rfc2822
Copy link

rfc2822 commented Feb 2, 2025
edited
Loading

I found that only org.conscrypt.OpenSSLX509Certificate.toString() (which we had used for logging) crashes under certain circumstances / for certain certificates (for instance the one of https://expired.badssl.com).

Are you using toString too?

@rfc2822 rfc2822 mentioned this issue Feb 2, 2025
Merged
@rfc2822
Copy link

rfc2822 commented Feb 2, 2025

This test fails with 2.5.3, but works with 2.5.2:

package at.bitfire.cert4android

import org.conscrypt.Conscrypt
import org.junit.Before
import org.junit.Test
import java.security.Security
import java.security.cert.CertificateFactory
import java.security.cert.X509Certificate

class ConscryptTest {

    @Before
    fun setUp() {
        //ConscryptIntegration.initialize()
        Security.insertProviderAt(Conscrypt.newProvider(), 1)
    }


    @Test
    fun test_X509Certificate_toString() {
        val certFactory = CertificateFactory.getInstance("X.509")
        val testCert = certFactory.generateCertificate(RAW_EXPIRED_CERT.byteInputStream()) as X509Certificate

        // Crashes with Conscrypt 2.5.3
        System.err.println(testCert.toString())
    }


    companion object {

        const val RAW_EXPIRED_CERT = "-----BEGIN CERTIFICATE-----\n" +
                "MIIFdDCCBFygAwIBAgIQJ2buVutJ846r13Ci/ITeIjANBgkqhkiG9w0BAQwFADBv\n" +
                "MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk\n" +
                "ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF\n" +
                "eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow\n" +
                "gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO\n" +
                "BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD\n" +
                "VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkq\n" +
                "hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkehUktIKVrGsDSTdxc9EZ3SZKzejfSNw\n" +
                "AHG8U9/E+ioSj0t/EFa9n3Byt2F/yUsPF6c947AEYe7/EZfH9IY+Cvo+XPmT5jR6\n" +
                "2RRr55yzhaCCenavcZDX7P0N+pxs+t+wgvQUfvm+xKYvT3+Zf7X8Z0NyvQwA1onr\n" +
                "ayzT7Y+YHBSrfuXjbvzYqOSSJNpDa2K4Vf3qwbxstovzDo2a5JtsaZn4eEgwRdWt\n" +
                "4Q08RWD8MpZRJ7xnw8outmvqRsfHIKCxH2XeSAi6pE6p8oNGN4Tr6MyBSENnTnIq\n" +
                "m1y9TBsoilwie7SrmNnu4FGDwwlGTm0+mfqVF9p8M1dBPI1R7Qu2XK8sYxrfV8g/\n" +
                "vOldxJuvRZnio1oktLqpVj3Pb6r/SVi+8Kj/9Lit6Tf7urj0Czr56ENCHonYhMsT\n" +
                "8dm74YlguIwoVqwUHZwK53Hrzw7dPamWoUi9PPevtQ0iTMARgexWO/bTouJbt7IE\n" +
                "IlKVgJNp6I5MZfGRAy1wdALqi2cVKWlSArvX31BqVUa/oKMoYX9w0MOiqiwhqkfO\n" +
                "KJwGRXa/ghgntNWutMtQ5mv0TIZxMOmm3xaG4Nj/QN370EKIf6MzOi5cHkERgWPO\n" +
                "GHFrK+ymircxXDpqR+DDeVnWIBqv8mqYqnK8V0rSS527EPywTEHl7R09XiidnMy/\n" +
                "s1Hap0flhFMCAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73g\n" +
                "JMtUGjAdBgNVHQ4EFgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQD\n" +
                "AgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9\n" +
                "MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVy\n" +
                "bmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0dHA6\n" +
                "Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAGS/g/FfmoXQ\n" +
                "zbihKVcN6Fr30ek+8nYEbvFScLsePP9NDXRqzIGCJdPDoCpdTPW6i6FtxFQJdcfj\n" +
                "Jw5dhHk3QBN39bSsHNA7qxcS1u80GH4r6XnTq1dFDK8o+tDb5VCViLvfhVdpfZLY\n" +
                "Uspzgb8c8+a4bmYRBbMelC1/kZWSWfFMzqORcUx8Rww7Cxn2obFshj5cqsQugsv5\n" +
                "B5a6SE2Q8pTIqXOi6wZ7I53eovNNVZ96YUWYGGjHXkBrI/V5eu+MtWuLt29G9Hvx\n" +
                "PUsE2JOAWVrgQSQdso8VYFhH2+9uRv0V9dlfmrPb2LjkQLPNlzmuhbsdjrzch5vR\n" +
                "pu/xO28QOG8=\n" +
                "-----END CERTIFICATE-----\n"

    }
    
}

@kenneth-leong-gt
Copy link
Author

My codebase does indeed call certificate.toString().

@prbprbprb
Copy link
Collaborator

Thanks for the report! In theory, the only change between 2.5.2 and 2.5.3 should be the page alignment (16k vs 4K) but this behaviour change suggests that (a) we accidentally shipped a newer version of BoringSSL with stricter checks and (b) that triggers the native crash in toString() which is implemented via X509_print_ex(), and it looks like we don't have any test coverage for this case.

For now, unless you need 16K page size support, I'd suggest sticking to 2.5.2.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rfc2822 @prbprbprb @kenneth-leong-gt