qtwebkit consumers are broken

qtwebkit consumers are broken

Rafael Sadowski
Looks like x11/qt5/qtwebkit is broken. I'm sure all consumers are
affected. Backtraces below:

digikam:

Thread 1 received signal SIGTRAP, Trace/breakpoint trap.
0x0000079d971c05fb in cti_vm_throw () from /usr/local/lib/libQt5WebKit.so.2.1
(gdb) bt
#0  0x0000079d971c05fb in cti_vm_throw () from /usr/local/lib/libQt5WebKit.so.2.1
#1  0x0000079d971525e7 in JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) () from /usr/local/lib/libQt5WebKit.so.2.1
#2  0x0000079d9726b52e in JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) () from /usr/local/lib/libQt5WebKit.so.2.1
#3  0x0000079d95f83b7d in WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) () from /usr/local/lib/libQt5WebKit.so.2.1
#4  0x0000079d95f83e06 in WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) () from /usr/local/lib/libQt5WebKit.so.2.1
#5  0x0000079d96f95511 in WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) () from /usr/local/lib/libQt5WebKit.so.2.1
#6  0x0000079d9605e92f in WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent(WebCore::PendingScript&) () from /usr/local/lib/libQt5WebKit.so.2.1
#7  0x0000079d9605e7e4 in WebCore::HTMLScriptRunner::executeParsingBlockingScript() () from /usr/local/lib/libQt5WebKit.so.2.1
#8  0x0000079d9605f10b in WebCore::HTMLScriptRunner::executeScriptsWaitingForLoad(WebCore::CachedResource*) () from /usr/local/lib/libQt5WebKit.so.2.1
#9  0x0000079d9605370f in WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) () from /usr/local/lib/libQt5WebKit.so.2.1
#10 0x0000079d960a2453 in WebCore::CachedResource::checkNotify() () from /usr/local/lib/libQt5WebKit.so.2.1
#11 0x0000079d960f10f9 in WebCore::SubresourceLoader::didFinishLoading(double) () from /usr/local/lib/libQt5WebKit.so.2.1
#12 0x0000079d9630d2fa in WebCore::QNetworkReplyHandler::finish() () from /usr/local/lib/libQt5WebKit.so.2.1
#13 0x0000079d9630bb0a in WebCore::QNetworkReplyHandlerCallQueue::flush() () from /usr/local/lib/libQt5WebKit.so.2.1
#14 0x0000079d9630f40a in WebCore::QNetworkReplyWrapper::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) () from /usr/local/lib/libQt5WebKit.so.2.1
#15 0x0000079dbc057572 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/local/lib/libQt5Core.so.2.2
#16 0x0000079d3fbe7dea in QNetworkReply::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) () from /usr/local/lib/libQt5Network.so.2.2
#17 0x0000079dbc04f952 in QObject::event(QEvent*) () from /usr/local/lib/libQt5Core.so.2.2
#18 0x0000079ddfef80dc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/local/lib/libQt5Widgets.so.2.2
#19 0x0000079ddfef96d9 in QApplication::notify(QObject*, QEvent*) () from /usr/local/lib/libQt5Widgets.so.2.2
#20 0x0000079dbc0200ba in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/local/lib/libQt5Core.so.2.2
#21 0x0000079dbc0211c7 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/local/lib/libQt5Core.so.2.2
#22 0x0000079dbc07e987 in postEventSourceDispatch(_GSource*, int (*)(void*), void*) () from /usr/local/lib/libQt5Core.so.2.2
#23 0x0000079daff7e889 in g_main_dispatch (context=<optimized out>) at gmain.c:3177
#24 g_main_context_dispatch (context=<optimized out>) at gmain.c:3830
#25 0x0000079daff7ec93 in g_main_context_iterate (context=<optimized out>, block=<optimized out>, dispatch=<optimized out>, self=<optimized out>) at gmain.c:3903
#26 0x0000079daff7ed73 in g_main_context_iteration (context=0x79d7b329e00, may_block=0) at gmain.c:3964
#27 0x0000079dbc07e1cb in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/lib/libQt5Core.so.2.2
#28 0x0000079dbc020766 in QCoreApplication::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/lib/libQt5Core.so.2.2
#29 0x0000079d993448b7 in Digikam::DSplashScreen::setMessage(QString const&) () from /usr/local/lib/libdigikamcore.so.1.0
#30 0x0000079dd4cd1c04 in Digikam::DigikamApp::setupActions() () from /usr/local/lib/libdigikamgui.so.1.0
#31 0x0000079dd4cd57b7 in Digikam::DigikamApp::DigikamApp() () from /usr/local/lib/libdigikamgui.so.1.0
#32 0x0000079b29902fc0 in main ()

otter-browser:

Thread 1 received signal SIGTRAP, Trace/breakpoint trap.
0x00001f261430f4ad in cti_op_construct_NotJSConstruct () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
(gdb) bt
#0  0x00001f261430f4ad in cti_op_construct_NotJSConstruct () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#1  0x00001f26142a85e7 in JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#2  0x00001f26143c152e in JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#3  0x00001f26130d9b7d in WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#4  0x00001f26130d9e06 in WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#5  0x00001f26140eb511 in WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#6  0x00001f26131b492f in WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent(WebCore::PendingScript&) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#7  0x00001f26131b47e4 in WebCore::HTMLScriptRunner::executeParsingBlockingScript() () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#8  0x00001f26131b510b in WebCore::HTMLScriptRunner::executeScriptsWaitingForLoad(WebCore::CachedResource*) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#9  0x00001f26131a970f in WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#10 0x00001f26131f8453 in WebCore::CachedResource::checkNotify() () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#11 0x00001f26132470f9 in WebCore::SubresourceLoader::didFinishLoading(double) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#12 0x00001f26134632fa in WebCore::QNetworkReplyHandler::finish() () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#13 0x00001f2613461b0a in WebCore::QNetworkReplyHandlerCallQueue::flush() () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#14 0x00001f261346540a in WebCore::QNetworkReplyWrapper::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
#15 0x00001f268a49a572 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
#16 0x00001f26c0a44e7f in QNetworkReplyHttpImplPrivate::finished() () from /usr/local/lib/qt5/./libQt5Network.so.2.2
#17 0x00001f26c0b0fcf7 in QNetworkReplyHttpImpl::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) () from /usr/local/lib/qt5/./libQt5Network.so.2.2
#18 0x00001f268a492952 in QObject::event(QEvent*) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
#19 0x00001f263afec0dc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2
#20 0x00001f263afed6d9 in QApplication::notify(QObject*, QEvent*) () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2
#21 0x00001f268a4630ba in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
#22 0x00001f268a4641c7 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
#23 0x00001f268a4c1987 in postEventSourceDispatch(_GSource*, int (*)(void*), void*) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
#24 0x00001f2618cc8889 in g_main_dispatch (context=<optimized out>) at gmain.c:3177
#25 g_main_context_dispatch (context=<optimized out>) at gmain.c:3830
#26 0x00001f2618cc8c93 in g_main_context_iterate (context=<optimized out>, block=<optimized out>, dispatch=<optimized out>, self=<optimized out>) at gmain.c:3903
#27 0x00001f2618cc8d73 in g_main_context_iteration (context=0x1f261587e900, may_block=1) at gmain.c:3964
#28 0x00001f268a4c11cb in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
#29 0x00001f268a45e47e in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
#30 0x00001f268a4639f4 in QCoreApplication::exec() () from /usr/local/lib/qt5/./libQt5Core.so.2.2
#31 0x00001f240cf0b4b9 in main ()

Re: qtwebkit consumers are broken

Rafael Sadowski
On Tue Jun 12, 2018 at 08:33:11PM +0200, Rafael Sadowski wrote:

> Looks like x11/qt5/qtwebkit is broken. I'm sure all consumers are
> affected. Backtraces below:
>
> digikam:
>
> Thread 1 received signal SIGTRAP, Trace/breakpoint trap.
> 0x0000079d971c05fb in cti_vm_throw () from /usr/local/lib/libQt5WebKit.so.2.1
> (gdb) bt
> #0  0x0000079d971c05fb in cti_vm_throw () from /usr/local/lib/libQt5WebKit.so.2.1
> #1  0x0000079d971525e7 in JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) () from /usr/local/lib/libQt5WebKit.so.2.1
> #2  0x0000079d9726b52e in JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) () from /usr/local/lib/libQt5WebKit.so.2.1
> #3  0x0000079d95f83b7d in WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) () from /usr/local/lib/libQt5WebKit.so.2.1
> #4  0x0000079d95f83e06 in WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) () from /usr/local/lib/libQt5WebKit.so.2.1
> #5  0x0000079d96f95511 in WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) () from /usr/local/lib/libQt5WebKit.so.2.1
> #6  0x0000079d9605e92f in WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent(WebCore::PendingScript&) () from /usr/local/lib/libQt5WebKit.so.2.1
> #7  0x0000079d9605e7e4 in WebCore::HTMLScriptRunner::executeParsingBlockingScript() () from /usr/local/lib/libQt5WebKit.so.2.1
> #8  0x0000079d9605f10b in WebCore::HTMLScriptRunner::executeScriptsWaitingForLoad(WebCore::CachedResource*) () from /usr/local/lib/libQt5WebKit.so.2.1
> #9  0x0000079d9605370f in WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) () from /usr/local/lib/libQt5WebKit.so.2.1
> #10 0x0000079d960a2453 in WebCore::CachedResource::checkNotify() () from /usr/local/lib/libQt5WebKit.so.2.1
> #11 0x0000079d960f10f9 in WebCore::SubresourceLoader::didFinishLoading(double) () from /usr/local/lib/libQt5WebKit.so.2.1
> #12 0x0000079d9630d2fa in WebCore::QNetworkReplyHandler::finish() () from /usr/local/lib/libQt5WebKit.so.2.1
> #13 0x0000079d9630bb0a in WebCore::QNetworkReplyHandlerCallQueue::flush() () from /usr/local/lib/libQt5WebKit.so.2.1
> #14 0x0000079d9630f40a in WebCore::QNetworkReplyWrapper::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) () from /usr/local/lib/libQt5WebKit.so.2.1
> #15 0x0000079dbc057572 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/local/lib/libQt5Core.so.2.2
> #16 0x0000079d3fbe7dea in QNetworkReply::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) () from /usr/local/lib/libQt5Network.so.2.2
> #17 0x0000079dbc04f952 in QObject::event(QEvent*) () from /usr/local/lib/libQt5Core.so.2.2
> #18 0x0000079ddfef80dc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/local/lib/libQt5Widgets.so.2.2
> #19 0x0000079ddfef96d9 in QApplication::notify(QObject*, QEvent*) () from /usr/local/lib/libQt5Widgets.so.2.2
> #20 0x0000079dbc0200ba in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/local/lib/libQt5Core.so.2.2
> #21 0x0000079dbc0211c7 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/local/lib/libQt5Core.so.2.2
> #22 0x0000079dbc07e987 in postEventSourceDispatch(_GSource*, int (*)(void*), void*) () from /usr/local/lib/libQt5Core.so.2.2
> #23 0x0000079daff7e889 in g_main_dispatch (context=<optimized out>) at gmain.c:3177
> #24 g_main_context_dispatch (context=<optimized out>) at gmain.c:3830
> #25 0x0000079daff7ec93 in g_main_context_iterate (context=<optimized out>, block=<optimized out>, dispatch=<optimized out>, self=<optimized out>) at gmain.c:3903
> #26 0x0000079daff7ed73 in g_main_context_iteration (context=0x79d7b329e00, may_block=0) at gmain.c:3964
> #27 0x0000079dbc07e1cb in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/lib/libQt5Core.so.2.2
> #28 0x0000079dbc020766 in QCoreApplication::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/lib/libQt5Core.so.2.2
> #29 0x0000079d993448b7 in Digikam::DSplashScreen::setMessage(QString const&) () from /usr/local/lib/libdigikamcore.so.1.0
> #30 0x0000079dd4cd1c04 in Digikam::DigikamApp::setupActions() () from /usr/local/lib/libdigikamgui.so.1.0
> #31 0x0000079dd4cd57b7 in Digikam::DigikamApp::DigikamApp() () from /usr/local/lib/libdigikamgui.so.1.0
> #32 0x0000079b29902fc0 in main ()
>
> otter-browser:
>
> Thread 1 received signal SIGTRAP, Trace/breakpoint trap.
> 0x00001f261430f4ad in cti_op_construct_NotJSConstruct () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> (gdb) bt
> #0  0x00001f261430f4ad in cti_op_construct_NotJSConstruct () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #1  0x00001f26142a85e7 in JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #2  0x00001f26143c152e in JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #3  0x00001f26130d9b7d in WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #4  0x00001f26130d9e06 in WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #5  0x00001f26140eb511 in WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #6  0x00001f26131b492f in WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent(WebCore::PendingScript&) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #7  0x00001f26131b47e4 in WebCore::HTMLScriptRunner::executeParsingBlockingScript() () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #8  0x00001f26131b510b in WebCore::HTMLScriptRunner::executeScriptsWaitingForLoad(WebCore::CachedResource*) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #9  0x00001f26131a970f in WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #10 0x00001f26131f8453 in WebCore::CachedResource::checkNotify() () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #11 0x00001f26132470f9 in WebCore::SubresourceLoader::didFinishLoading(double) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #12 0x00001f26134632fa in WebCore::QNetworkReplyHandler::finish() () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #13 0x00001f2613461b0a in WebCore::QNetworkReplyHandlerCallQueue::flush() () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #14 0x00001f261346540a in WebCore::QNetworkReplyWrapper::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) () from /usr/local/lib/qt5/./libQt5WebKit.so.2.1
> #15 0x00001f268a49a572 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
> #16 0x00001f26c0a44e7f in QNetworkReplyHttpImplPrivate::finished() () from /usr/local/lib/qt5/./libQt5Network.so.2.2
> #17 0x00001f26c0b0fcf7 in QNetworkReplyHttpImpl::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) () from /usr/local/lib/qt5/./libQt5Network.so.2.2
> #18 0x00001f268a492952 in QObject::event(QEvent*) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
> #19 0x00001f263afec0dc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2
> #20 0x00001f263afed6d9 in QApplication::notify(QObject*, QEvent*) () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2
> #21 0x00001f268a4630ba in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
> #22 0x00001f268a4641c7 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
> #23 0x00001f268a4c1987 in postEventSourceDispatch(_GSource*, int (*)(void*), void*) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
> #24 0x00001f2618cc8889 in g_main_dispatch (context=<optimized out>) at gmain.c:3177
> #25 g_main_context_dispatch (context=<optimized out>) at gmain.c:3830
> #26 0x00001f2618cc8c93 in g_main_context_iterate (context=<optimized out>, block=<optimized out>, dispatch=<optimized out>, self=<optimized out>) at gmain.c:3903
> #27 0x00001f2618cc8d73 in g_main_context_iteration (context=0x1f261587e900, may_block=1) at gmain.c:3964
> #28 0x00001f268a4c11cb in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
> #29 0x00001f268a45e47e in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/lib/qt5/./libQt5Core.so.2.2
> #30 0x00001f268a4639f4 in QCoreApplication::exec() () from /usr/local/lib/qt5/./libQt5Core.so.2.2
> #31 0x00001f240cf0b4b9 in main ()
>

Switching off retguard in qtwebkit fixes the crashes above.

Please find below a diff to disable retguard for qtwebkit and respect
CC/CXX in Qt.

ok?

Index: qt5.port.mk
===================================================================
RCS file: /cvs/ports/x11/qt5/qt5.port.mk,v
retrieving revision 1.20
diff -u -p -u -p -r1.20 qt5.port.mk
--- qt5.port.mk 25 Jan 2018 15:02:25 -0000 1.20
+++ qt5.port.mk 13 Jun 2018 14:56:11 -0000
@@ -121,7 +121,7 @@ MODQT5_USE_CXX11 ?= Yes
 COMPILER ?= base-clang ports-clang ports-gcc
 ONLY_FOR_ARCHS ?= ${CXX11_ARCHS}
 # useful?
-_MODQT5_SETUP += CC=cc CXX=c++
+_MODQT5_SETUP += CC=${CC} CXX=${CXX}
 .endif
 
 .include "Makefile.version"
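Review bot: the `# useful?` comment left directly above the changed line now reads stale: replacing the hardcoded `CC=cc CXX=c++` with `CC=${CC} CXX=${CXX}` is exactly what makes the setup honour the `COMPILER ?= base-clang ports-clang ports-gcc` selection two lines up, so either drop the comment or reword it to say why the assignment is needed. This hunk is also independent of the retguard workaround in qtwebkit/Makefile and affects every qt5 module, so committing it separately would keep a later revert of the `-fno-ret-protector` line from dragging it along.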
Index: qtwebkit/Makefile
===================================================================
RCS file: /cvs/ports/x11/qt5/qtwebkit/Makefile,v
retrieving revision 1.10
diff -u -p -u -p -r1.10 Makefile
--- qtwebkit/Makefile 29 Mar 2018 20:04:42 -0000 1.10
+++ qtwebkit/Makefile 13 Jun 2018 14:56:11 -0000
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.10 2018/03/29 20:04:42 rsadowski Exp $
 
 QT5NAME = QtWebkit
-REVISION = 5
+REVISION = 6
 COMMENT = old Webkit integration framework for Qt
 USE_WXNEEDED = Yes
 DPB_PROPERTIES = parallel
@@ -26,6 +26,8 @@ MASTER_SITES = https://download.qt.io/c
 MODULES = perl lang/python lang/ruby
 MODPY_RUNDEP = No
 MODRUBY_RUNDEP = No
+
+CXXFLAGS += -fno-ret-protector
 
 BUILD_DEPENDS = devel/bison \
  devel/gperf \
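Review bot: the added `CXXFLAGS += -fno-ret-protector` carries no comment saying what it works around, so the next person editing this Makefile cannot tell it is tied to the JavaScriptCore JIT tripping retguard (cti_vm_throw and cti_op_construct_NotJSConstruct in the backtraces) rather than being an ordinary build fix; add a one-line comment with that reason above it. Worth stating in the same comment is that only C++ objects were found to need it, since if any C or assembly sources in JavaScriptCore share frames with the JIT, CFLAGS would need the same flag, and noting what was checked saves a future re-investigation. The flag removes only the retguard epilogue check; the stack protector chosen by the usual makefile flags stays in effect, as confirmed later in the thread.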

Re: qtwebkit consumers are broken

Theo de Raadt-2
Rafael Sadowski <[hidden email]> wrote:

> Switching off retguard in qtwebkit fixes the crashes above.
>
> Please find below a diff to disable retguard for qtwebkit and respect
> CC/CXX in Qt.

This diff misses the point.  The problem should be looked at a little
deeper.

retguard is a stack-corruption detector.  The return address isn't
what is expected.  This looks like an interface where JIT and non-JIT
code touch, perhaps by adjusting the return address on the stack without
being aware it needs an XOR.  Maybe the XOR cookie could be discovered by
XOR'ing the previous return value if that is known, to re-apply it to
the new ret value.

Aren't you a little curious?

Also -- with your diff, is the old -fstack-protector(-strong) enabled
or disabled?  I think it is disabled.

Re: qtwebkit consumers are broken

Todd Mortimer


> On Jun 13, 2018, at 11:11, Theo de Raadt <[hidden email]> wrote:
>
> Rafael Sadowski <[hidden email]> wrote:
>
> >> Switching off retguard in qtwebkit fixes the crashes above.
> >>
> >> Please find below a diff to disable retguard for qtwebkit and respect
> >> CC/CXX in Qt.
>
> This diff misses the point.  The problem should be looked at a little
> deeper.
>
> retguard is a stack-corruption detector.  The return address isn't
> what is expected.  This looks like an interface where JIT and non-JIT
> code touch, perhaps by adjusting the return address on the stack without
> being aware it needs an XOR.  Maybe the XOR cookie could be discovered by
> XOR'ing the previous return value if that is known, to re-apply it to
> the new ret value.

If this is indeed an instance of the return address being deliberately modified between function entry and exit then that will be hard to fix so the program can update the cookie on the stack so the check passes. In this case the easiest thing to do is disable retguard as this diff does. Chromium doesn’t have this problem though, but maybe earlier versions of webkit did this and qtwebkit is based on those.

If this is the cookie value being corrupted then that would indicate a bug in the program that is being triggered by the stack frame being adjusted to make space for the retguard cookie.

I don’t know how hard it is to attach a debugger to this and see if the return address is being modified or if the cookie is being corrupted.

>
> Aren't you a little curious?
>
> Also -- with your diff, is the old -fstack-protector(-strong) enabled
> or disabled?  I think it is disabled.

Disabling retguard does not disable the stack protector, so whatever stack protector is enabled by the usual makefile will continue to apply.
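The two explanations discussed above (a JIT path rewriting the return address without re-applying the XOR, versus the saved cookie copy being clobbered by a frame-layout bug) and Theo's suggested repair can be modelled in a few lines. The following is an added teaching model written for this thread; it is not OpenBSD's compiler-emitted retguard and not qtwebkit or JavaScriptCore code. The real mechanism keeps a random per-function cookie in a data section and has the compiler emit the XOR and compare in each prologue and epilogue, trapping on mismatch (the SIGTRAP in the backtraces). Everything here (`frame_t`, `COOKIE`, `CALLER`, `HANDLER`, the `scenario_*` and `diagnose` helpers, and all addresses) is constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Model of a retguard-protected frame (added example, not OpenBSD's real
 * retguard).  Two stack slots matter to the epilogue check: the return
 * address itself, and retguard's saved copy of it masked with the cookie.
 */
typedef struct {
    uintptr_t ret_slot;   /* return address as it sits on the stack */
    uintptr_t guard_slot; /* retguard's saved copy: return address ^ cookie */
} frame_t;

enum diagnosis { FRAME_INTACT, RET_ADDR_MODIFIED, GUARD_CORRUPTED, BOTH_CHANGED };

/* Constructed values: a per-function cookie and two fake code addresses
 * (the original caller, and a handler a JIT throw path would redirect to). */
static const uintptr_t COOKIE  = 0x5a17c3e9d0b4f621ULL;
static const uintptr_t CALLER  = 0x0000000000401000ULL;
static const uintptr_t HANDLER = 0x0000000000402000ULL;

/* Prologue: store a cookie-masked copy of the return address in the frame. */
static frame_t retguard_prologue(uintptr_t cookie, uintptr_t ret) {
    frame_t f = { .ret_slot = ret, .guard_slot = ret ^ cookie };
    return f;
}

/* Epilogue: unmask the saved copy and compare it with the address about to
 * be returned to.  true = check passes; false = the real thing would trap. */
static bool retguard_epilogue_ok(const frame_t *f, uintptr_t cookie) {
    return (f->guard_slot ^ cookie) == f->ret_slot;
}

/* Case 1 (Theo's hypothesis): code that is not retguard-aware, e.g. a JIT
 * exception path, rewrites the return address and leaves the saved copy. */
static void redirect_unaware(frame_t *f, uintptr_t new_ret) {
    f->ret_slot = new_ret;
}

/* Theo's suggested repair: the cookie need not be known up front, because
 * saved_copy ^ old_ret == cookie.  Re-apply it to the new return address. */
static void redirect_aware(frame_t *f, uintptr_t new_ret) {
    uintptr_t recovered_cookie = f->guard_slot ^ f->ret_slot;
    f->guard_slot = new_ret ^ recovered_cookie;
    f->ret_slot = new_ret;
}

/* Case 2 (Todd's alternative): a program bug clobbers the guard slot, e.g.
 * code assuming a frame layout that has no room for the retguard copy. */
static void clobber_guard(frame_t *f, uintptr_t garbage) {
    f->guard_slot = garbage;
}

/* What a debugger snapshot at entry vs. exit would show: which slot moved
 * decides between "return address modified" and "cookie corrupted". */
static enum diagnosis diagnose(const frame_t *before, const frame_t *after) {
    bool ret_changed = before->ret_slot != after->ret_slot;
    bool guard_changed = before->guard_slot != after->guard_slot;
    if (ret_changed && guard_changed) return BOTH_CHANGED;
    if (ret_changed) return RET_ADDR_MODIFIED;
    if (guard_changed) return GUARD_CORRUPTED;
    return FRAME_INTACT;
}

/* Scenario helpers: each returns whether the epilogue check would pass. */
bool scenario_untouched(void) {
    frame_t f = retguard_prologue(COOKIE, CALLER);
    return retguard_epilogue_ok(&f, COOKIE);
}
bool scenario_unaware_redirect(void) {
    frame_t f = retguard_prologue(COOKIE, CALLER);
    redirect_unaware(&f, HANDLER);
    return retguard_epilogue_ok(&f, COOKIE);   /* false: would SIGTRAP */
}
bool scenario_aware_redirect(void) {
    frame_t f = retguard_prologue(COOKIE, CALLER);
    redirect_aware(&f, HANDLER);
    return retguard_epilogue_ok(&f, COOKIE) && f.ret_slot == HANDLER;
}
bool scenario_clobbered_guard(void) {
    frame_t f = retguard_prologue(COOKIE, CALLER);
    clobber_guard(&f, 0xdeadbeefULL);
    return retguard_epilogue_ok(&f, COOKIE);   /* false: would SIGTRAP */
}
enum diagnosis diagnose_unaware_redirect(void) {
    frame_t before = retguard_prologue(COOKIE, CALLER), after = before;
    redirect_unaware(&after, HANDLER);
    return diagnose(&before, &after);
}
enum diagnosis diagnose_clobbered_guard(void) {
    frame_t before = retguard_prologue(COOKIE, CALLER), after = before;
    clobber_guard(&after, 0xdeadbeefULL);
    return diagnose(&before, &after);
}

int main(void) {
    printf("untouched frame passes:            %d\n", scenario_untouched());
    printf("unaware redirect passes:           %d\n", scenario_unaware_redirect());
    printf("cookie-aware redirect passes:      %d\n", scenario_aware_redirect());
    printf("clobbered guard passes:            %d\n", scenario_clobbered_guard());
    printf("unaware redirect diagnosed as:     %d\n", diagnose_unaware_redirect());
    printf("clobbered guard diagnosed as:      %d\n", diagnose_clobbered_guard());
    return 0;
}
```

The `diagnose` helper is the check Todd is asking about: break at entry and just before the epilogue, and compare the two slots. Only the first case is fixable on the JIT side by re-applying the XOR; the second is a plain memory-safety bug that retguard happens to expose, and `-fno-ret-protector` would hide it rather than fix it.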

Re: qtwebkit consumers are broken

Rafael Sadowski
On Wed Jun 13, 2018 at 04:59:42PM -0400, Todd Mortimer wrote:

>
>
> > On Jun 13, 2018, at 11:11, Theo de Raadt <[hidden email]> wrote:
> >
> > Rafael Sadowski <[hidden email]> wrote:
> >
> >> Switching off retguard in qtwebkit fixes the crashes above.
> >>
> >> Please find below a diff to disable retguard for qtwebkit and respect
> >> CC/CXX in Qt.
> >
> > This diff misses the point.  The problem should be looked at a little
> > deeper.
> >
> > retguard is a stack-corruption detector.  The return address isn't
> > what is expected.  This looks like an interface where JIT and non-JIT
> > code touch, perhaps by adjusting the return address on the stack without
> > being aware it needs an XOR.  Maybe the XOR cookie could be discovered by
> > XOR'ing the previous return value if that is known, to re-apply it to
> > the new ret value.
>
> If this is indeed an instance of the return address being deliberately
> modified between function entry and exit then that will be hard to fix
> so the program can update the cookie on the stack so the check passes. In
> this case the easiest thing to do is disable retguard as this diff
> does. Chromium doesn’t have this problem though, but maybe earlier
> versions of webkit did this and qtwebkit is based on those.

I would prefer to commit the diff at least to fix the crashes in all qtwebkit
consumers. In the long term, we should replace qtwebkit with
qtwebengine. qtwebkit is no longer maintained.

>
> If this is the cookie value being corrupted then that would indicate a
> bug in the program that is being triggered by the stack frame being
> adjusted to make space for the retguard cookie.
>
> I don’t know how hard it is to attach a debugger to this and see if
> the return address is being modified or if the cookie is being
> corrupted.
>
> >
> > Aren't you a little curious?

Sure but I don't have the time.

> >
> > Also -- with your diff, is the old -fstack-protector(-strong) enabled
> > or disabled?  I think it is disabled.
>
> Disabling retguard does not disable the stack protector, so whatever
> stack protector is enabled by the usual makefile will continue to
> apply.
>