-fsanitize=bounds detects a buffer overflow in LatinIME #170
Comments
thestinger added the "Type: bug" label, Feb 8, 2016
thestinger (Contributor), Feb 8, 2016:
Going to need log files from the crashes and instructions on how to reproduce the problem in order to do something about it. It works fine here.
thestinger added this to the Release milestone, Feb 8, 2016
Which locale are you using?
amilopowers, Feb 8, 2016:
I use German (Switzerland).
How do I save logs without superuser rights? I tried the "aLogcat" app but didn't get any result.
polyzen, Feb 8, 2016:
https://developer.android.com/tools/help/logcat.html
Edit: Android doesn't need to be rooted for this.
thestinger (Contributor), Feb 8, 2016:
@amilopowers It would also be helpful if you could temporarily try the United States locale to see if this is something specific to code paths that are only hit (at least typically) in other locales.
amilopowers, Feb 10, 2016:
It doesn't happen on a regular basis, so I couldn't log it yet.
Bmme2GFTbU, Feb 10, 2016:
I can confirm this bug for German (Germany).
thestinger (Contributor), Feb 10, 2016:
Need the adb logcat output showing the crash log after it happens to approach this. It's probably a memory corruption bug in Android being detected by a CopperheadOS feature.
Bmme2GFTbU, Feb 10, 2016:
Seems to be related to spellchecking. After disabling it, the keyboard works better. The problem occurs after the latest update. The keyboard crashes, and with spell checking you have to mark the last word to activate the keyboard again. Without spell checking it crashes less and it's easier to reactivate.
Bmme2GFTbU, Feb 10, 2016:
I'll try to get logcat tomorrow evening CET.
thestinger (Contributor), Feb 10, 2016:
It's probably another out-of-bounds access detected by -fsanitize=bounds; the logs are just going to show a SIGTRAP triggered somewhere. It probably can't be fixed without getting the sanitize debugging mode working properly. It could be turned off for LatinIME again...
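The comment above describes the two ways a bounds-sanitizer violation surfaces: in trap mode the process dies with a bare signal and no diagnostic, while the UBSan runtime (the "debugging mode" that was not yet working) prints the offending index and type. The following is an added illustration, not LatinIME or CopperheadOS code: a constructed fixed-size key table indexed by a caller-supplied value, which is the shape of bug that -fsanitize=bounds instruments because the array bound is visible at compile time. The table contents, the NKEYS size and the function names are assumptions for the example.

```c
#include <stdio.h>
#include <stdlib.h>

/*
 * Added illustration, not code from the project in this thread.
 *
 * Build with clang:
 *   clang -O1 -fsanitize=bounds -fsanitize-trap=bounds bounds.c -o bounds
 *     -> an out-of-range index executes a trap instruction (brk on ARM, which
 *        the kernel reports as SIGTRAP; ud2 on x86, reported as SIGILL). Only
 *        the signal and a backtrace reach logcat, which is all the original
 *        crash logs could show.
 *   clang -O1 -fsanitize=bounds bounds.c -o bounds
 *     -> the UBSan runtime aborts with a message naming the index and the
 *        array type, which is what makes the bug locatable.
 * Run:  ./bounds 3   (in range)     ./bounds 9   (out of range)
 */

#define NKEYS 8   /* assumed row size for this constructed table */

/* Constructed sample: code points of a hypothetical eight-key row. */
static const int row_codes[NKEYS] = { 'a', 's', 'd', 'f', 'g', 'h', 'j', 'k' };

/* Unchecked lookup: reading row_codes[idx] for idx >= NKEYS (or idx < 0) is
 * undefined behaviour.  Because the bound is known statically,
 * -fsanitize=bounds inserts a check here and traps or reports on violation. */
int lookup_unchecked(int idx)
{
    return row_codes[idx];
}

/* Checked lookup: the fix the sanitizer points at.  Out-of-range indices
 * yield -1 instead of a read past the end of the table. */
int lookup_checked(int idx)
{
    if (idx < 0 || idx >= NKEYS)
        return -1;
    return row_codes[idx];
}

int main(int argc, char **argv)
{
    /* volatile keeps the index a runtime value so the compiler cannot fold
     * the access away and the instrumented check actually executes. */
    volatile int idx = argc > 1 ? atoi(argv[1]) : 0;

    printf("checked:   %d\n", lookup_checked(idx));
    /* With -fsanitize=bounds this line traps when idx is out of range. */
    printf("unchecked: %d\n", lookup_unchecked(idx));
    return 0;
}
```

The difference between the two builds is the whole diagnostic problem in this thread: trap mode is the cheap, always-on hardening a release build can afford, but turning the resulting SIGTRAP back into a source location requires either the runtime build or a symbolised backtrace from adb logcat.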
vanitasvitae, Feb 10, 2016:
I can confirm this too (German layout). I also noticed that the keyboard starts to lag when I'm typing longer words.
thestinger (Contributor), Feb 11, 2016:
I can probably have this fixed in today's builds if someone can get a traceback from adb logcat after the crash.
vanitasvitae, Feb 11, 2016:
Btw: Do you plan to offer a "vanilla" build without additional apps? That would allow people to update apps themselves without having to wait for a new CopperheadOS zip.
thestinger (Contributor), Feb 11, 2016:
No, not planning on doing that. The builds take a long time. SMSSecure isn't an additional app anyway, it's a replacement for Messenger.
vanitasvitae, Feb 11, 2016:
Ok, thank you :) Btw: Tried to reproduce the crash with logcat running, but no success so far.
vanitasvitae, Feb 12, 2016:
Just found out: the keyboard crashes each and every time I write "send2" on the German layout. On the English layout I can write that without a crash.
vanitasvitae, Feb 12, 2016:
Also crashes when writing "meine,".
thestinger (Contributor), Feb 12, 2016:
Thanks, that should be enough to work around it. Can look into fixing the apparent out-of-bounds access in LatinIME later. It's almost certainly a sanitizer violation, and the only one enabled there is the bounds sanitizer since that's globally enabled.
thestinger added the "upstream" label, Feb 12, 2016
thestinger changed the title from "AOSP Keyboard crashes" to "-fsanitize=bounds detects a buffer overflow in LatinIME", Feb 12, 2016
thestinger added the "Status: workaround in place" label, Feb 12, 2016
thestinger (Contributor), Feb 12, 2016:
This should no longer abort with the latest release (2016.02.12.00.30.42). The issue can stay open and track progress on re-enabling -fsanitize=bounds for LatinIME.
vanitasvitae, Feb 12, 2016:
No more crashes for me when typing "send2" or "meine,". Nice!
amilopowers, Feb 12, 2016:
Seems to work here as well! Thank you very much.
thestinger removed this from the Release milestone, Feb 21, 2016
thestinger (Contributor), Sep 16, 2016:
This is going to have to be revisited in Nougat once -fsanitize=bounds is enabled for C++ again.
amilopowers, Feb 8, 2016 (original issue description):
The keyboard crashes always. I am on the hammerhead nightly from 7 Feb 2016.
I am now using another keyboard instead, which could compromise my privacy.