Merge ~fheimes/ubuntu/+source/qtwebkit-opensource-src:qtwebkit-lp1951470-impish into ubuntu/+source/qtwebkit-opensource-src:ubuntu/impish-devel

Proposed by Frank Heimes
Status: Needs review
Proposed branch: ~fheimes/ubuntu/+source/qtwebkit-opensource-src:qtwebkit-lp1951470-impish
Merge into: ubuntu/+source/qtwebkit-opensource-src:ubuntu/impish-devel
Diff against target: 82 lines (+49/-1)
4 files modified
debian/changelog (+8/-0)
debian/control (+2/-1)
debian/patches/series (+1/-0)
debian/patches/webkit-javascript-s390x-segmentation-fault-fix.patch (+38/-0)
Reviewer Review Type Date Requested Status
Dmitry Shachnev Pending
Review via email: mp+412357@code.launchpad.net

Description of the change

WebKit Javascript big endian/s390x segmentation-fault fix
 In CodeBlock.cpp the code preparing the operands of op_get_from_scope writes
 the property offset as pointer size (hence 64 bit) value:
 2141: instructions[i + 6].u.pointer = reinterpret_cast<void*>(op.operand);
 while the same slot is accessed later by the jitted code as 32 bit integer:
 macro getProperty(slow)
    loadisFromInstruction(6, t1)
 This fails on big endian targets since the integer access takes the higher
 part of the 64 bit value.
 Changing:
 macro getProperty(slow)
    loadisFromInstruction(6, t1)
 to
 macro getProperty(slow)
    loadpFromInstruction(6, t1)
 in llint/LowLevelInterpreter64.asm fixes the problem
 on big endian environments.
 Hence the changed code is very minimal.

 Test (verification that patch worked):
 ubuntu@s1lp11:~$ arch
 s390x
 ubuntu@s1lp11:~$ lsb_release -cs
 impish
 ubuntu@s1lp11:~$ ls *.js *.html *.pdf
 ls: cannot access '*.pdf': No such file or directory
 index.html min.js
 ubuntu@s1lp11:~$ wkhtmltopdf --enable-local-file-access index.html test.pdf
 Loading page (1/2)
 Printing pages (2/2)
 Done
 ubuntu@s1lp11:~$ ls *.js *.html *.pdf
 index.html min.js test.pdf
 ubuntu@s1lp11:~$
 (One can open this test.pdf as a blank PDF file - but most important: no seg fault anymore!)
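The mismatch described above, as an added C model (not code from the merge proposal or from JavaScriptCore): a 64-bit slot written through a pointer-sized member and read back as a 32-bit integer yields the low half on a little-endian host but the high half on a big-endian one such as s390x, so the property offset the LLInt sees is wrong. The Slot union and the loadis_model/loadp_model/loadis_native names are constructed for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model of one bytecode instruction slot: CodeBlock.cpp stores the
   property offset through the pointer-sized member and the LLInt reads it back.
   This is an illustration, not the JavaScriptCore type. */
typedef union {
    void    *pointer;   /* written by CodeBlock.cpp (64 bit on s390x) */
    int32_t  operand;   /* what loadisFromInstruction reads (32 bit)  */
    uint64_t raw;
} Slot;

/* 1 if this host stores the most significant byte first (s390x), else 0. */
int host_is_big_endian(void) {
    Slot s;
    s.raw = 1;
    return s.operand == 0;
}

/* loadisFromInstruction on a host of the given endianness: a 32-bit load at the
   slot address returns whichever half of the 64-bit value sits first in memory. */
int32_t loadis_model(uint64_t stored, int big_endian) {
    uint32_t half = big_endian ? (uint32_t)(stored >> 32)
                               : (uint32_t)(stored & 0xffffffffu);
    return (int32_t)half;
}

/* loadpFromInstruction reads the whole 64-bit value, so byte order no longer
   matters; this is what the patch switches getProperty to. */
uint64_t loadp_model(uint64_t stored) {
    return stored;
}

/* The real aliased 32-bit read on this host, to cross-check the model. */
int32_t loadis_native(uint64_t stored) {
    Slot s;
    s.raw = stored;
    return s.operand;
}

int main(void) {
    uint64_t offset = 5;  /* a small property offset, written as a pointer */
    printf("loadis, little endian: %d\n", (int)loadis_model(offset, 0));  /* 5 */
    printf("loadis, big endian:    %d\n", (int)loadis_model(offset, 1));  /* 0 */
    printf("loadp, any endian:     %llu\n", (unsigned long long)loadp_model(offset));
    printf("this host is big endian: %d, native loadis: %d\n",
           host_is_big_endian(), (int)loadis_native(offset));
    return 0;
}
```

On a big-endian host the 32-bit read returns the high half, here 0 instead of 5, so the interpreter proceeds with a wrong offset rather than failing at the load itself; the 64-bit read is correct on both byte orders.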


Unmerged commits

f814587... by Frank Heimes

  * d/control for d/p/webkit-javascript-s390x-segmentation-fault-fix.patch
    after update-maintainer run

7e5291b... by Frank Heimes

  * d/changelog for d/p/webkit-javascript-s390x-segmentation-fault-fix.patch

e8379dd... by Frank Heimes

  * d/p/webkit-javascript-s390x-segmentation-fault-fix.patch:
    WebKit Javascript big endian/s390x segmentation-fault fix
    (LP: #1951470)

Preview Diff

1diff --git a/debian/changelog b/debian/changelog
2index b881e92..06bab7d 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,11 @@
6+qtwebkit-opensource-src (5.212.0~alpha4-12ubuntu0.21.10.1) impish; urgency=medium
7+
8+ * d/p/webkit-javascript-s390x-segmentation-fault-fix.patch:
9+ WebKit Javascript big endian/s390x segmentation-fault fix
10+ (LP: #1951470)
11+
12+ -- Frank Heimes <frank.heimes@canonical.com> Wed, 24 Nov 2021 16:58:52 +0100
13+
14 qtwebkit-opensource-src (5.212.0~alpha4-12) experimental; urgency=medium
15
16 * Add a patch from openSUSE to fix build with GLib ≥ 2.68.
17diff --git a/debian/control b/debian/control
18index d01d401..37b9ff1 100644
19--- a/debian/control
20+++ b/debian/control
21@@ -1,6 +1,7 @@
22 Source: qtwebkit-opensource-src
23 Priority: optional
24-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
25+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
26+XSBC-Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
27 Uploaders: Timo Jyrinki <timo@debian.org>,
28 Lisandro Damián Nicanor Pérez Meyer <lisandro@debian.org>,
29 Dmitry Shachnev <mitya57@debian.org>,
30diff --git a/debian/patches/series b/debian/patches/series
31index a369709..312acc9 100644
32--- a/debian/patches/series
33+++ b/debian/patches/series
34@@ -5,3 +5,4 @@ bison_3.7.diff
35 no_pdf_image_plugin.diff
36 python_3.9.diff
37 glib_2.68.diff
38+webkit-javascript-s390x-segmentation-fault-fix.patch
39diff --git a/debian/patches/webkit-javascript-s390x-segmentation-fault-fix.patch b/debian/patches/webkit-javascript-s390x-segmentation-fault-fix.patch
40new file mode 100644
41index 0000000..28bbad9
42--- /dev/null
43+++ b/debian/patches/webkit-javascript-s390x-segmentation-fault-fix.patch
44@@ -0,0 +1,38 @@
45+Description: WebKit Javascript big endian/s390x segmentation-fault fix
46+ In CodeBlock.cpp the code preparing the operands of op_get_from_scope writes
47+ the property offset as pointer size (hence 64 bit) value:
48+ 2141: instructions[i + 6].u.pointer = reinterpret_cast<void*>(op.operand);
49+ while the same slot is accessed later by the jitted code as 32 bit integer:
50+ macro getProperty(slow)
51+ loadisFromInstruction(6, t1)
52+ This fails on big endian targets since the integer access takes the higher
53+ part of the 64 bit value.
54+ Changing:
55+ macro getProperty(slow)
56+ loadisFromInstruction(6, t1)
57+ to
58+ macro getProperty(slow)
59+ loadpFromInstruction(6, t1)
60+ in llint/LowLevelInterpreter64.asm fixes the problem
61+ on big endian environments.
62+
63+Author: Andreas Krebbel <Andreas.Krebbel@de.ibm.com>
64+Origin: vendor, https://launchpadlibrarian.net/569624765/webkit-IBMZ-fix.patch
65+Bug-IBM: IBM Bugzilla 195436
66+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1951470
67+Forwarded: not-needed
68+Reviewed-by: Frank Heimes <frank.heimes@canonical.com>
69+Last-Update: 2021-11-24
70+---
71+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
72+--- a/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
73++++ b/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
74+@@ -2020,7 +2020,7 @@
75+ end
76+
77+ macro getProperty(slow)
78+- loadisFromInstruction(6, t1)
79++ loadpFromInstruction(6, t1)
80+ loadPropertyAtVariableOffset(t1, t0, t2, slow)
81+ valueProfile(t2, 7, t0)
82+ loadisFromInstruction(1, t0)
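Review bot: `Forwarded: not-needed` in the DEP-3 header does not fit this change: the defect is in upstream JavaScriptCore code (Source/JavaScriptCore/llint/LowLevelInterpreter64.asm) and affects every 64-bit big-endian target, so the header should read `Forwarded: no` or carry the URL of the upstream submission; `not-needed` is meant for distribution-specific changes. Since CodeBlock.cpp writes the whole of instruction slot 6 as a pointer and this hunk changes only the reader in getProperty, it is also worth confirming that no other `loadisFromInstruction(6, ...)` reader of that slot exists before the fix is considered complete.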
