-fsanitize=bounds detects a buffer overflow in LatinIME

[amilopowers]

The keyboard crashes always. I am on the hammerhead nightly from the 7. Feb.2016.

I am now using another keyboard instead which could compromise my privacy.

[thestinger]

Going to need log files from the crashes and instructions on how to reproduce the problem in order to do something about it. It works fine here.

[thestinger]

Going to need log files from the crashes and instructions on how to reproduce the problem in order to do something about it. It works fine here.

[thestinger]

Which locale are you using?

[thestinger]

Which locale are you using?

[amilopowers]

I use German (Switzerland).

How do I save logs without superuser rights? I tried "aLogcat" app but didn't get any result.

[amilopowers]

I use German (Switzerland).

How do I save logs without superuser rights? I tried "aLogcat" app but didn't get any result.

[polyzen]

https://developer.android.com/tools/help/logcat.html

Edit: Android doesn't need to be rooted for this

[polyzen]

https://developer.android.com/tools/help/logcat.html

Edit: Android doesn't need to be rooted for this

[thestinger]

@amilopowers It would also be helpful if you could temporarily try the United States locale to see if this is something specific to code paths that are only hit (at least typically) in other locales.

[thestinger]

@amilopowers It would also be helpful if you could temporarily try the United States locale to see if this is something specific to code paths that are only hit (at least typically) in other locales.

[amilopowers]

It happens not on a regular basis so I couldn't log it yet.

[amilopowers]

It happens not on a regular basis so I couldn't log it yet.

[Bmme2GFTbU]

Could confirm this bug for German (Germany) .

[Bmme2GFTbU]

Could confirm this bug for German (Germany) .

[thestinger]

Need the adb logcat output showing the crash log after it happens to approach this. It's probably a memory corruption bug in Android being detected by a CopperheadOS feature.

[thestinger]

Need the adb logcat output showing the crash log after it happens to approach this. It's probably a memory corruption bug in Android being detected by a CopperheadOS feature.

[Bmme2GFTbU]

Seems to be related to spellchecking. After disabling keyboard works better. Problem occurs after latest update. Keyboard crashes and with spell checking you have to mark the last word to activate the keyboard again. Without spell checking it crashes less and its easier to reactivate.

[Bmme2GFTbU]

Seems to be related to spellchecking. After disabling keyboard works better. Problem occurs after latest update. Keyboard crashes and with spell checking you have to mark the last word to activate the keyboard again. Without spell checking it crashes less and its easier to reactivate.

[Bmme2GFTbU]

I'll try to get logcat tomorrow evening CET

[Bmme2GFTbU]

I'll try to get logcat tomorrow evening CET

[thestinger]

It's probably another out-of-bounds access detected by -fsanitize=bounds the logs are just going to how a SIGTRAP triggered somewhere. It probably can't be fixed without getting the sanitize debugging mode working properly. It could be turned off for LatinIME again...

[thestinger]

It's probably another out-of-bounds access detected by -fsanitize=bounds the logs are just going to how a SIGTRAP triggered somewhere. It probably can't be fixed without getting the sanitize debugging mode working properly. It could be turned off for LatinIME again...

[vanitasvitae]

I can confirm this too (german layout). Also I recognized that the keyboard starts to lag when I'm typing longer words.

[vanitasvitae]

I can confirm this too (german layout). Also I recognized that the keyboard starts to lag when I'm typing longer words.

[thestinger]

I can probably have this fixed in today's builds if someone can get a traceback from adb logcat after the crash.

[thestinger]

I can probably have this fixed in today's builds if someone can get a traceback from adb logcat after the crash.

[vanitasvitae]

Btw: Do you plan to offer a "vanilla" build without additional apps? That would allow people to update apps themselves without having to wait for a new CopperheadOS zip.

[vanitasvitae]

Btw: Do you plan to offer a "vanilla" build without additional apps? That would allow people to update apps themselves without having to wait for a new CopperheadOS zip.

[thestinger]

No, not planning on doing that. The builds take a long time. SMSSecure isn't an additional app anyway, it's a replacement for Messenger.

[thestinger]

No, not planning on doing that. The builds take a long time. SMSSecure isn't an additional app anyway, it's a replacement for Messenger.

[vanitasvitae]

Ok, thank you :) Btw: Tried to reproduce the crash with logcat running, but no success so far.

[vanitasvitae]

Ok, thank you :) Btw: Tried to reproduce the crash with logcat running, but no success so far.

[vanitasvitae]

Just found out: the keyboard crashes each and every time I write "send2" on German layout. On English layout I can write that without a crash.

[vanitasvitae]

Just found out: the keyboard crashes each and every time I write "send2" on German layout. On English layout I can write that without a crash.

[vanitasvitae]

Also crash when writing "meine,"

[vanitasvitae]

Also crash when writing "meine,"

[thestinger]

Thanks, that should be enough to work around it. Can look into fixing the apparent out-of-bounds access in LatinIME later. It's almost certainly a sanitizer violation, and the only one enabled there is the bounds sanitizer since that's globally enabled.

[thestinger]

Thanks, that should be enough to work around it. Can look into fixing the apparent out-of-bounds access in LatinIME later. It's almost certainly a sanitizer violation, and the only one enabled there is the bounds sanitizer since that's globally enabled.

[thestinger]

This should no longer abort with the latest release (2016.02.12.00.30.42). The issue can stay open and track progress on re-enabling -fsanitize=bounds for LatinIME.

[thestinger]

This should no longer abort with the latest release (2016.02.12.00.30.42). The issue can stay open and track progress on re-enabling -fsanitize=bounds for LatinIME.

[vanitasvitae]

No more crashes for me when typing "send2" or "meine,". Nice!

[vanitasvitae]

No more crashes for me when typing "send2" or "meine,". Nice!

[amilopowers]

Seems to work here as well! Thank you very much.

[amilopowers]

Seems to work here as well! Thank you very much.

[thestinger]

This is going to have to be revisited in Nougat once -fsanitize=bounds is enabled for C++ again.

[thestinger]

This is going to have to be revisited in Nougat once -fsanitize=bounds is enabled for C++ again.