Tk Source Code

View Ticket
Login
2024-06-13
20:24 Closed ticket [3bc0f44e]: UBSan complains about body.chars[] usage plus 6 other changes artifact: 9d146b96 user: fvogel
06:03 Ticket [3bc0f44e]: 3 changes artifact: 9e315c80 user: fvogel
06:01 Closed ticket [dacd1829]: Undefined behavior in tkTextBTree.c (out of bounds access in array) plus 6 other changes artifact: 13d99d2b user: fvogel
2023-04-02
16:45 Ticket [3bc0f44e] UBSan complains about body.chars[] usage status still Open with 3 other changes artifact: 99221285 user: chrstphrchvz
16:34 Open ticket [3bc0f44e]. artifact: caf182de user: chrstphrchvz
2020-09-11
11:01 Closed ticket [3bc0f44e]. artifact: 6246ac58 user: jan.nijtmans
08:36
Fix [3bc0f44ef3]: UBSan complains about body.chars[] usage check-in: bed80183 user: jan.nijtmans tags: core-8-6-branch
07:36 Ticket [3bc0f44e] UBSan complains about body.chars[] usage status still Open with 4 other changes artifact: 8a94e826 user: oehhar
2020-09-09
17:06 Ticket [3bc0f44e]: 3 changes artifact: e5c0887a user: fvogel
16:38 Ticket [3bc0f44e]: 3 changes artifact: faf12080 user: chrstphrchvz
15:40 Ticket [3bc0f44e]: 3 changes artifact: 01d380af user: jan.nijtmans
07:12 Ticket [3bc0f44e]: 3 changes artifact: 85ffd509 user: fvogel
06:20 Ticket [3bc0f44e]: 4 changes artifact: b3f0e02c user: jan.nijtmans
06:19
Attempt to fix [3bc0f44ef3]: UBSan complains about body.chars[] usage. Don't know if all (older) compilers, like VC++ 6.0, accept this. check-in: da241cf9 user: jan.nijtmans tags: bug-3bc0f44ef3
2020-09-08
23:54 New ticket [3bc0f44e] UBSan complains about body.chars[] usage. artifact: 35609a1a user: chrstphrchvz

Ticket UUID: 3bc0f44ef3a8ef3d83c64e55ac155d58719f487a
Title: UBSan complains about body.chars[] usage
Type: Bug Version: core-8-6-branch
Submitter: chrstphrchvz Created on: 2020-09-08 23:54:47
Subsystem: 18. [text] Assigned To: jan.nijtmans
Priority: 5 Medium Severity: Cosmetic
Status: Closed Last Modified: 2024-06-13 20:24:17
Resolution: Fixed Closed By: fvogel
    Closed on: 2024-06-13 20:24:17
Description:

Probably the biggest complaint UBSan (-fsanitize=array-bounds) has so far about Tk is usage of the body.chars[] member of a TkTextSegment. Some examples which appear immediately when running the widget demo:

tk/unix/../generic/tkTextBTree.c:1074:2: runtime error: index 25 out of bounds for type 'char [2]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior tk/unix/../generic/tkTextBTree.c:1074:2 in
tk/unix/../generic/tkTextBTree.c:4613:5: runtime error: index 63 out of bounds for type 'char [2]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior tk/unix/../generic/tkTextBTree.c:4613:5 in
tk/unix/../generic/tkTextBTree.c:4613:5: runtime error: index 63 out of bounds for type 'char [2]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior tk/unix/../generic/tkTextBTree.c:4613:5 in
tk/unix/../generic/tkTextBTree.c:4614:5: runtime error: index 64 out of bounds for type 'char [2]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior tk/unix/../generic/tkTextBTree.c:4614:5 in
tk/unix/../generic/tkTextDisp.c:1502:31: runtime error: index 105 out of bounds for type 'char [2]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior tk/unix/../generic/tkTextDisp.c:1502:31 in
tk/unix/../generic/tkTextDisp.c:7650:28: runtime error: index 105 out of bounds for type 'char [2]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior tk/unix/../generic/tkTextDisp.c:7650:28 in

I don't think I have any good suggestions about how to address this complaint. Feel free to close as wontfix, and whoever wants to use UBSan gets to ignore this. It can be silenced by defining any involved functions as __attribute__((no_sanitize("array-bounds"))), e.g.

static Tcl_Obj *
__attribute__((no_sanitize("array-bounds")))
TextGetText(…)
{
…
}

User Comments: fvogel added on 2024-06-13 20:24:17:

Fix provided in ticket [dacd18294b], follow-up there.


fvogel added on 2024-06-13 06:03:19:

Duplicate of [dacd18294b] that I have just re-found.

Declaring 'char chars[TCL_UTF_MAX]' in the TkTextSegment struct makes no sense IMO: This array has nothing to do with TCL_UTF_MAX at all. I see there were several successive changes here: first [bed8018384], then [8847c81c47] and finally [6067cc55df] which is the current state.

Jan, would you be so kind to have another look please? This clutters the output of UBSan. Thanks!


chrstphrchvz added on 2023-04-02 16:45:11:

The only suggestion I can think of is to either revert [8847c81c4797], or introduce yet another macro like pre-[8847c81c4797] TKFLEXARRAY (i.e. with only the GNU syntax alternative and not the C99 syntax alternative) which is usable in a union.


chrstphrchvz added on 2023-04-02 16:34:12:

Reopening: these errors have returned due to changes in [8847c81c4797] and [6067cc55dfa5] (so the error now says …for type 'char [3]'). Given the comment in [8847c81c4797], maybe this is won’t-fix.


jan.nijtmans added on 2020-09-11 11:01:29:

Merged to core-8-6-branch and trunk now.

Warnings on VC++ 6.0 below, as reported by Harald, eliminated too (Thanks!)


oehhar added on 2020-09-11 07:36:15:

Sorry, saw the question for me only today.

It builds well. There are some warnings.

Here is a build log:

fossil open ..\fossil\tk.fossil bug-3bc0f44ef3
cd win
nmake -f makefile.vc TCLDIR=c:\test\tcl8.7a3
...snipped all usual stuff, only warnings left
C:\test\tk8.7-bug-3bc0f44ef3_2020-09-11\win\..\generic\tkPointer.c(302) : warning C4018: '==' : signed/unsigned mismatch
C:\test\tk8.7-bug-3bc0f44ef3_2020-09-11\win\..\win\tkWinFont.c(1500) : warning C4761: integral size mismatch in argument; conversion supplied
C:\test\tk8.7-bug-3bc0f44ef3_2020-09-11\win\..\win\tkWinFont.c(1500) : warning C4761: integral size mismatch in argument; conversion supplied
C:\test\tk8.7-bug-3bc0f44ef3_2020-09-11\win\..\win\tkWinFont.c(1522) : warning C4761: integral size mismatch in argument; conversion supplied
C:\test\tk8.7-bug-3bc0f44ef3_2020-09-11\win\..\win\tkWinFont.c(1522) : warning C4761: integral size mismatch in argument; conversion supplied

Test are without any failure.

Thank you, Harald


fvogel added on 2020-09-09 17:06:18:

I can't test with VC++6.0. AFAIK only Harald Oehlmann still builds with this compiler. Harald, could you confirm branch bug-3bc0f44ef3 builds with VC++6.0 ? Thanks in advance!


chrstphrchvz added on 2020-09-09 16:38:01:

Yes, UBSan does not warn for chars[0].


jan.nijtmans added on 2020-09-09 15:40:57:

@chrstphrchvz: Does this commit help for UBSan??? (If not, then it doesn't make sense to do this at all ...).

If it helps for UBSan but doesn't build for VC++ 6.0, we can use a workaround, e.g. a #define TCL_FLEXARRAY which has value 1 for VC++ 6.0 (or other older microsoft compilers) and 0 for all other compilers.


fvogel added on 2020-09-09 07:12:36:
For me it builds with MSVC 2008 Express Edition.

jan.nijtmans added on 2020-09-09 06:20:58:

How about [da241cf9ce1cf74e] ?

Don't know if this works for older compilers ....